Home / exploits 5pmweb.com Cross Site Scripting
Posted on 26 September 2014
#author: provensec #description: Easy, Customizable Project Management SAS #vendor: 5pmweb.com #exploit 1 Goto site. 5pmweb.com/index.php <http://site.5pmweb.com/index.php> 2 Add new task fill description and name field with xss payload "><img src=d onerror=confirm(1);> and then click on the task as given in the screenshot http://prntscr.com/4pxe6j 3 Javascript will execute
