4 matches found
CVE-2019-13339
creationtimestamp| type| source ---|---|--- 2024-11-14 06:07:22+00:00| seen| MISP/75e43ef5-d4ef-4385-b063-4c78c6c0746a...
MiniCMS 1.10 - 'content box' Stored XSS
Exploit Title: MiniCMS 1.10 - 'content box' Stored XSS Date: 2019-7-4 Exploit Author: yudp Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link:https://github.com/bg5sbk/MiniCMS Version: 1.10 CVE :CVE-2019-13339 Payload:alert"3: "+document.domain In /MiniCMS/mc-admin/page-edit.php POC...
MiniCMS 1.10 Cross Site Scripting
Exploit Title: MiniCMS 1.10 - 'content box' Stored XSS Date: 2019-7-4 Exploit Author: yudp Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link:https://github.com/bg5sbk/MiniCMS Version: 1.10 CVE :CVE-2019-13339 Payload:alert"3: "+document.domain In /MiniCMS/mc-admin/page-edit.php POC...
CVE-2019-13339
CVE-2019-13339 affects MiniCMS v1.10. The stored XSS is in mc-admin/page-edit.php (content box) due to lack of proper validation of client-side data, allowing an attacker to obtain a user’s cookie. Connected sources also show public exploitation material (e.g., Exploit-DB) with a payload demonstr...