This document describes multiple SQL injection and XSS vulnerabilities in Onpub CMS versions 1.4 and 1.5. It includes detailed technical descriptions, vulnerable parameters, and proof-of-concept URLs for exploitation.
Classification
Writeup 100%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Reliable
Target:Onpub CMS 1.4 & 1.5
No auth needed
Prerequisites:Access to the vulnerable Onpub CMS instance