Home / exploits Snapper CMS Cross Site Scripting XSS
Posted on 13 November 2013
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ./Title Exploit : Snapper CMS Cross Site Scripting (XSS) ./Vendor Homepage: https://www.snapperworld.com/ ./Vulnerability Type: Cross Site Scripting (XSS) ./Author Exploit: [ v3nd3tta ] [ zero-security.org ] ./Date: 12.11.2013. ./Dork: intext:"Site maintained by Snapper CMS" +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++Description+++ An XSS vulnerability has been found in sites that use the search bar that are powered by Snapper CMS. A simple test, just add <script>alert('xss')</script> in to the search bar. Use your brain +++Examples for Testing:+++ http://www.fusionperXsonnel.com/ http://www.stwhospXice.org/ http://www.scoutaXctivitycentres.org.uk http://www.prospXects4corporatetravel.com http://www.tsintXernational.co.uk +++++++Credits+++++++ This vulnerability was detected by V3nd3tta of Zero-Security.org +++++++Special Thanks++++++++ All members of Zero-Security.org
