lineaCMS Cross Site Scripting Vulnerability

vendor:

lineaCMS

by:

Phenom

7.5

CVSS

HIGH

Cross Site Scripting

CWE

Product Name: lineaCMS

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

lineaCMS Cross Site Scripting Vulnerability

A Cross Site Scripting vulnerability exists in lineaCMS, which allows an attacker to inject malicious JavaScript code into the search.php page. This code is then executed in the browser of the victim when the page is loaded.

Mitigation:

Input validation should be used to prevent Cross Site Scripting attacks. All user-supplied input should be validated and filtered before being used in the application.

Source

Exploit-DB raw data:

 #######################################################################
 #                                                                     #
 ###         lineaCMS Cross Site Scripting Vulnerability             ###
 #                                                                     #
 #######################################################################
 #                                                                     #
 #  Author : Phenom                                                    #
 #                                                                     #
 #  vendor : http://www.lineaphp.net                                   #
 #                                                                     #
 #  language : PHP                                                     #
 #                                                                     #
 #  Dork : Powered by lineaCMS © 2006 lineaPHP Group                   #
 #                                                                     #
 #######################################################################
 #                                                                     #
 # Exploit :                                                           #
 #                                                                     #
 # 1- http://server/path/search.php                                    #
 #                                                                     #
 # 2- type here your XSS                                               #
 #######################################################################