User management 1.1 crosssite scripting Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-10-25 |
Type : webapps |
Platform : php
This exploit / vulnerability User management 1.1 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: User Management 1.1 - Cross-Site Scripting
# Date: 2018-10-16
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: http://ardawan.com/
# Software Link : http://um.ardawan.com
# Software : User Management
# Version : 1.1
# Vulernability Type : Cross-site Scripting
# Vulenrability : Stored XSS
# CVE : CVE-2018-18419
# Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1,
# as demonstrated by a .jpg filename to the /account URI.