mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
915 B
915 B
CVE-2018-18417
Description
In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI.
POC
Reference
- http://packetstormsecurity.com/files/149842/Ekushey-Project-Manager-CRM-3.1-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/149842/Ekushey-Project-Manager-CRM-3.1-Cross-Site-Scripting.html
- https://www.exploit-db.com/exploits/45681/
- https://www.exploit-db.com/exploits/45681/
Github
No PoCs found on GitHub currently.