EED-ID: 46067 CVE: 2018-20448 Author: WangDudu Type: WEBAPPS Platform: PHP Date: 2019-01-02 Vulnerable App: Frog CMS 0.9.5 Key Information: Vulnerability Type: Cross-Site Scripting (XSS) Exploit Title: Frog CMS 0.9.5 - Cross-Site Scripting Exploit Date: 2018-12-25 Exploit Author: WangDudu Vendor Homepage: https://github.com/philippe/FrogCMS Software Link: https://github.com/philippe/FrogCMS Version: 0.9.5 Vulnerability Details: The parameter in the Database name has a reflective XSS vulnerability. Requirements: 1. Database name, username, and password must be correct. 2.Can use the payload: Tags: Cross-Site Scripting (XSS)