逐浪CMS随意xss

简要描述： 去了你们测试站点，测试站太烂，随意X了俩走人。。。 详细说明： http://demo.zoomla.cn/guest/GuestShow.aspx?GID=1 测试不顺因为无缘无故就这样，还让不让人测试 1 留言 地址：http://demo.zoomla.cn/guest/GuestShow.aspx?GID=1 方法： 源码编辑功能删了吧。。。 2 搜索 主页搜索框输入 输出1 输出2 https://images.seebug.org/uploa...

SpagoBI 4.0 - Arbitrary XSS File Upload

Exploit for php platform in category web applications Introduction SpagoBI1 is an Open Source Business Intelligence suite, belonging to the free/open source SpagoWorld initiative, founded and supported by Engineering Group2. It offers a large range of analytical functions, a highly functional...

Multiple vulnerabilities in ImpressCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ImpressCMS, which can be exploited to perform cross-site scripting and local file inclusion attacks. 1 Multiple Arbitrary XSS vulnerabilities in ImpressCMS: CVE-2012-0986 1.1 Input appended to the URL after...

[eVuln.com] Multiple XSS inj in Wernhart Guestbook

New eVuln Advisory: Multiple XSS in Wernhart Guestbook Summary: http://evuln.com/vulns/150/summary.html Details: http://evuln.com/vulns/150/description.html -----------Summary----------- eVuln ID: EV0150 Software: Wernhart Guestbook Vendor: Carl A. Wernhart Version: 2001.03.28 Critical Level: low...

[eVuln.com] Multiple XSS in Alguest

New eVuln Advisory: Multiple XSS in Alguest Summary: http://evuln.com/vulns/151/summary.html Details: http://evuln.com/vulns/151/description.html -----------Summary----------- eVuln ID: EV0151 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: low Type: Cross Site Scripting Statu...