Giters

fuzzlove / FUDforum-XSS-RCE

FUDForum 3.0.9 - XSS / Remote Code Execution (CVE-2019-18873, CVE-2019-18839)

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

exploitpenetration-testing

FUDforum-XSS-RCE

FUDForum 3.0.9 - XSS / Remote Code Execution (CVE-2019-18873, CVE-2019-18839)

Multiple Stored XSS vulnerabilities have been found in FUDforum 3.0.9 that can result in remote code execution.

Stored XSS via username in forum: Info | Demo

Stored XSS via useragent in admin panel: Info | Demo

About

FUDForum 3.0.9 - XSS / Remote Code Execution (CVE-2019-18873, CVE-2019-18839)

exploitpenetration-testing

Languages

Language:JavaScript 100.0%