Dimofinf CMS 3.0.0 - Cross-Site Scripting

EDB-ID: 44897
Author: Renzi
Published: 2018-06-15
CVE: CVE-2018-12094
Type: Webapps
Platform: PHP
Vulnerable App: N/A

 # Author: Felipe "Renzi" Gabriel 
# Date: 2018-06-13
# Software: Dimofinf CMS Version 3.0.0
# CVE: CVE-2018-12094

# A Reflected Cross-Site Scripting web vulnerability has been discovered in the "Dimofinf CMS" web-application.
# The vulnerability is located in the 'id' parameter of the`news.php` action GET method request.

# PoC

Related Posts