XSS Vulnerability in Fork CMS 3.8.3

Posted by ITAS Team on Jan 12

# Exploit Title: XSS Vulnerability in Fork CMS 3.8.3

# Google Dork: N/A

# Date: 12/26/2014

# Exploit Author: Le Ngoc phi (phi.n.le () itas vn) and ITAS Team (www.itas.vn)

# Vendor Homepage: http://www.fork-cms.com

# Software Link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released

# Version: Fork 3.8.3

# Tested on: N/A

# CVE : CVE-2014-9470

::VULNERABILITY DETAIL::

– Vulnerable parameter: q_widget

– Vulnerable file:…

Leave a Reply