mecha-cms / mecha

Minimalist content management system.

Home Page: https://mecha-cms.com

XSS Exploit in Comment

wtf666 opened this issue · comments

X:\xampp\htdocs\mecha-cms\lot\responses\comment\2016-05-18-22-54-04_2016-05-18-23-58-58_0000-00-00-00-00-00.txt

If I post an exploit comment I can see input views :3

Name: Tedi Sunjaya
Email: tedisunjaya@yahoo.co.id
Status: 1
Content Type: HTML
Fields: {"user_ip":"::1","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36"}

Fix it fast or not, no problem, hehehe, just an XSS exploit :3 Nice CMS

© 2016 My Awesome Site · Powered by Mecha 1.2.6

If you want to know the exploit, you can email wtf666dotcom@gmail.com ... 👍

Have you tried it with passenger mode? Because pilot is allowed to embed the {{php}} shortcode. Thanks.

I don't log in. I just log in to create a post, not to comment.