CVE-2018-25331

Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the currentpage parameter sent to the ajax.php endpoint, which...

CVE-2018-25331

CVE-2018-25331 affects Zenar Content Management System. The vulnerability is a Cross-Site Scripting (XSS) in the ajax.php endpoint, where unsanitized user input is reflected in the response. Exploitation is possible via POST parameters (notably the current_page parameter), enabling unauthenticate...

Zenar Content Management System 跨站脚本漏洞

Zenar Content Management System is an open source content management system CMS from the Zenar team. A cross-site scripting vulnerability exists in the Macrob7 Macs Framework Content Management System, which stems from a cross-site scripting XSS vulnerability contained in the account reset featur...

Zenar Content Management System 8.3 Cross Site Request Forgery

Exploit Title: Zenar Content Management System 8.3 - Cross-Site Request Forgery CSRF Date: 2018-05-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://zenar.io/ Software Link : https://github.com/TribalSystems/Zenario/releases/tag/8.3.47997 Software : Zenar Content Management System 8.3...

Zenar Content Management System - Cross-Site Scripting

Exploit Title: Zenar Content Management System - Cross-Site Scripting Software Link: https://zenar.io/ Dork: N/A Author: Berk Dusunur Tested Website: http://demo.zenar.io Date: 2018-05-20 Category: Web App PoC GET Request: POST /zenario/ajax.php?methodcall=refreshPlugin&inIframe=true HTTP/1.1 Hos...