Exploit/Advisories
Published on July 11th, 2020 📆 | 3158 Views ⚑
0Impress CMS 1.4.0 Cross Site Scripting ≈ Packet Storm
- Impress CMS 1.4.0 Cross Site Scripting
- Posted Jul 11, 2020
- Authored by AppleBois
-
Impress CMS version 1.4.0 suffers from a cross site scripting vulnerability.
- MD5 |
029b019e3aee7ed3d4048cb1c2d4d9a0
- Download | Favorite | View
#Author: AppleBois
#Homepage: https://sourceforge.net/projects/impresscms/
#Affected Version: 1.4.0
#Stored XSS
#Allows an attacker to execute arbitrary HTML and JavaScript code
#Solution: Update to 1.4.1
#More information : https://github.com/ImpressCMS/impresscms/issues/659Payload =
Vulnerable URL :modules/system/admin.php?fct=adsense&op=mod&adsenseid=4
Vulnerable TextBar : ID of the [adsense tag to display this ad]
Vulnerable URL :/modules/system/admin.php?fct=customtag&op=mod
Vulnerable TextBar : Name
Gloss