4 matches found
iScripts Easycreate 3.2.1 Cross Site Scripting
Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9236 CVE:...
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on:...
iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9236 CVE:...
CVE-2018-9236
CVE-2018-9236 is a stored XSS vulnerability in iScripts EasyCreate 3.2.1 affecting the Site title (and Site Description per PoC) fields. Exploitation requires data input stored server-side and later rendered, enabling script execution in victims’ browsers. The CVSS metrics from NVD show a base sc...