3 matches found
Cross site scripting
A stored cross site scripting XSS vulnerability in the 'Add Page' feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Title' parameter...
BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting XSS Date: 04/07/2021 Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Step 1 : Login to admin account in...
BlackCat CMS 1.3.6 - (Display name) XSS Vulnerability
Exploit Title: BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting XSS Exploit Author: Kamaljeet Kumar - TATA Advanced Systems Limited Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Tested on: Windows Steps t...