[] NeoSense
E X P L O I T S
title author type platform port cve id

Composr CMS 10.0.34 - 'banners' Persistent Cross Site Scripting

Author: Parshwa Bhavsar
type: webapps
platform: php
port: 
date_added: 2020-12-04 
date_updated: 2020-12-04 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
# Exploit Title: Composr CMS 10.0.34 - 'banners' Persistent Cross Site Scripting
# Date: 3-12-2020
# Exploit Author: Parshwa Bhavsar
# Vendor Homepage: https://compo.sr/
# Software Link: https://compo.sr/download.htm
# Version: 10.0.34
# Tested on: Windows 10/ Kali Linux

Steps To Reproduce :-

1. Install the CMS from the download link & configure it.
2. After configuration login with admin Credential .
3. You will notice “Add banner” in the top of the browser.
4. Click on it and Put XSS payload (any) in “Description” field.
5. Save it & Click on Home.
6. Every time any user visit the website , the XSS payload will trigger.
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.