## HeLiOsZ - Dark End Team - Internet Security Team
## Dragonfly CMS 9.0.6.1 and prior XSS
## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net &
http://www.darkend.org
## Rish : Medium
## Type : web applet
## Creator: http://www.cpgnuke.com/
## Exploit:
- The vuln is in the search section,it don't validate the imput.
To exploit this vuln you simply need an Internet Browser,you must only use
a cookie
logger to get the Portal cookies.
To know if it is vulnerable: <script>alert('This is an XSS
Vulnerability')</script>
## Dork: Interactive software released under GNU GPL, Code Credits, Privacy
Policy
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum