Splendid CRM Cross Site Scripting

Posted on 16 September 2014

#Description : Splendid CRM Software, Inc. (open source crm) #vendor:http: http://demo.splendidcrm.com/ #author:provensec #type:stored xss #exploit: 1 Goto contact edit page for example http://demo.splendidcrm.com/Contacts/edit.aspx?ID=cb4bb68f-0233-41b3-87cb-2c6469a29f16 2 Edit the first name field with xss payload <body/onload=alert(1) ==> http://prntscr.com/4lg1d6 screenshot 3 Save it and javascript will execute

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

pgAdmin 8.3 Remote Code Execution
Palo Alto OS Command Injection
Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow
Centreon 23.10-1.el8 SQL Injection
Stock Management System 1.0 SQL Injection

Last 20