BlogMagz CMS 1.0 has a reflected cross-site scripting vulnerability, reachable through a GET request, that allows manipulation of site content.
`C r a C k E r
T H E C R A C K O F E T E R N A L M I G H T
From The Ashes and Dust Rises An Unimaginable crack....
[ Vulnerability ]
Author    : CraCkEr
Website   : techrobot.in
Vendor    : Tech Robot
Software  : BlogMagz CMS 1.0
Vuln Type : Reflected XSS
Method    : GET
Impact    : Manipulate the content of the site
Release Notes:
An attacker who sends the victim a link containing a malicious URL in an email or
instant message can perform a wide variety of actions, such as stealing the victim's
session token or login credentials.
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL
CryptoJob (Twitter) twitter.com/0x0CryptoJob
© CraCkEr 2023
Path: /search
GET parameter 'q' is vulnerable to RXSS
https://website/blogmagz/search?q=123rto10%3cscript%3ealert(1)%3c%2fscript%3efffyz
[-] Done
`
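The following is an added example, not code from the advisory or from the vendor: it decodes the `q` value from the PoC URL above, contrasts an unencoded reflection with HTML output encoding, and flags matching requests in an access log. BlogMagz's actual template code is not shown on this page, so `render_unsafe`, `render_escaped` and the log lines are hypothetical stand-ins.

```python
import html
from urllib.parse import urlsplit, parse_qs

# PoC URL copied from the advisory above.
POC_URL = ("https://website/blogmagz/search"
           "?q=123rto10%3cscript%3ealert(1)%3c%2fscript%3efffyz")

def search_term(url):
    """Decode 'q' the way a server-side framework hands it to the handler."""
    return parse_qs(urlsplit(url).query).get("q", [""])[0]

def render_unsafe(term):
    # Assumed vulnerable pattern: the decoded term is concatenated into HTML.
    return "<h2>Results for " + term + "</h2>"

def render_escaped(term):
    # Fix: encode for the HTML context at output time (&, <, >, ", ').
    return "<h2>Results for " + html.escape(term, quote=True) + "</h2>"

def reflects_markup(url, render):
    """Regression check: does markup sent in 'q' reach the page unencoded?"""
    term = search_term(url)
    return any(c in term for c in "<>\"'") and term in render(term)

# Constructed access-log request lines (not from the advisory).
SAMPLE_LOG = [
    'GET /blogmagz/search?q=linux+hardening HTTP/1.1',
    'GET /blogmagz/search?q=123rto10%3cscript%3ealert(1)%3c%2fscript%3efffyz HTTP/1.1',
    'GET /blogmagz/about HTTP/1.1',
]

def suspicious_search_requests(lines):
    """Return /search requests whose decoded 'q' carries angle brackets."""
    hits = []
    for line in lines:
        parts = line.split(" ")
        if len(parts) < 2:
            continue
        target = urlsplit(parts[1])
        if target.path.endswith("/search"):
            q = parse_qs(target.query).get("q", [""])[0]
            if "<" in q or ">" in q:
                hits.append(line)
    return hits

if __name__ == "__main__":
    print(reflects_markup(POC_URL, render_unsafe))
    print(reflects_markup(POC_URL, render_escaped))
```

`reflects_markup` can be pointed at a real rendering function as a regression test once the search template is patched.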