• 日期:2019-04-23
  • 类别:
  • 作者:F1uffyGoat
  • 语法:inurl:ctl/Login/Default.aspx
  • The Dork: inurl:ctl/Login/Default.aspx reveals the CMS Login page for the Dot Net Nuke CMS.

    Versions  DNN 7.1.0 and earlier / DNN 6.2.8 and earlier are vulnerable to XXS ( CVE-2013-4649 ). 

    This can be tested by reviewing the page source code and searching for default.css where the version will precede it.