Textpattern cms 4.6.2 body persistent crosssite scripting Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-10-07 |
Type : webapps |
Platform : php
This exploit / vulnerability Textpattern cms 4.6.2 body persistent crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting
# Exploit Author: Alperen Ergel
# Web Site: https://alperenae.gitbook.io/
# Software Homepage: https://textpattern.com/
# Version : 4.6.2
# Tested on: windows 10 / xammp
# Category: WebApp
# Google Dork: intext:"Published with Textpattern CMS"
# Date: 2020-10-29
# CVE :-
######## Description ########
#
# 1-) Loggin administrator page
#
# 2-) Write new blog add payload to 'body'
#
# 3-) Back to web site then will be work payload
#
#
######## Proof of Concept ########