Campsite CMS – Remote Persistent Cross-Site Scripting

• Exploit Database
• 30 阅读

• 作者： D4rk357
  日期： 2010-07-15
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14365/

• #################################################################
  # Exploit Title: Campsite CMS remote Persistent XSS vulnerability
  # Date: 15th july 2010
  # Author: D4rk357
  # Critical:Low
  # Contact:bd4rk357[at]yahoo[dot]in
  # Software Link:bhttp://www.sourcefabric.org/en/home/web/78/Demo--Documentation.htm?tpl=18
  # Greetz to:bb0nd, Fbih2s,Beenu,rockey killer,The empty(), punter,eberly,prashant
  # Shoutz to: http://www.garage4hackers.com/forum.php , h4ck3r.in andall ICW members
  ##############################################################################
  
  Login as Admin into the website .
  
  GO to administration>Articles>Edit articles or any other option .
  
  In heading or content type <marquee><h1>XSS3d By D4rk357</h1><marquee> .
  
  On the other hand a user using this CMS can upload a persistent XSS in this site while 
  submitting a article using same method. 
  
   ##################################################################################
   #D4rk357