5 matches found
minewebcms 1.15.2 Cross Site Scripting
Exploit Title: minewebcms 1.15.2 - Cross-site Scripting XSS Google Dork: NA Date: 02/20/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://mineweb.org/ Software Link: https://github.com/mineweb/minewebcms Version: 1.15.2 Tested on: KALI OS CVE : CVE-2022-1163...
CVE-2022-1163
Cross-site Scripting XSS - Stored in GitHub repository mineweb/minewebcms prior to next...
CVE-2022-1163 Cross-site Scripting (XSS) - Stored in mineweb/minewebcms
Cross-site Scripting XSS - Stored in GitHub repository mineweb/minewebcms prior to next...
Cross-site Scripting (XSS) - Stored in mineweb/minewebcms
Description A malicious actor is able to add new Notification with a malicious payload, and upon the user receives the notification, the malicious payload is being executed. Proof of Concept - 1; Log in with any user, who is able to submit notifications - 2; Create a new notification at...
Cross-site Scripting (XSS) - Stored in mineweb/minewebcms
Description A malicious actor is able to add a malicious payload as a new Page Title, and after every time any administrative user visits the /admin/pages route, the XSS payload is executed. Proof of Concept 1;Create a new Page at the following route: /admin/pages/add. Use the following payload a...