Posted by Simo Ben youssef on Dec 09
Title: Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities
Author: Simo Ben youssef
Contact: Simo_at_Morxploit_com
Discovered: 02 November 2014
Updated: 9 December 2014
Published: 9 December 2014
MorXploit Research
http://www.MorXploit.com
Vendor: Concrete5
Vendor url: www.concrete5.org
Software: Concrete5 CMS
Versions: 5.7.2 and 5.7.2.1 (probably older)
Status: Unpatched
Vulnerable scripts:…