[+] Exploit Title : Mono Blog Multiple Vulnerabilities
[+] Date : 2018-01-29
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Version : 1.0
[+] Vendor Homepage : monoblog.ir
[+] Dork : intext:"POWERED BY monoblog.ir"
[+] Forum : irethicalhackers.com/forums
[+] Tested On : Windows 10 - Kali Linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Description :
[!] Mono Blog is a tool for creating free blogs
[+] PoC :
[+] Cross Site Scripting (Stored):
[!] First go to the admin panel and click on new post to send a post to your blog.
[!] Now copy and paste the payload into the content box.
[!] payload : <script>alert('0P3N3R')</script>
[!] Now if you go to the site, you can see 0P3N3R on any site and in the admin panel.
[+] Sensitive Data Exposure
[!] If you enter the wrong password on the login page,
[!] Mono Blog redirects you to login.php and you can see the database user without a password.
[!] Error : Access denied for user ''@'localhost' (using password: NO)
[!] Or you can go to http://testsec.monoblog.ir/gallery/ and see this error.
[+] Security Level :
[!] medium
[+] Exploitation Technique:
[!] Remote
[+] Vulnerability Files :
[*] index.php
[!] Vulnerable Files :
[!] index.php
[!] login.php
[!] Addpost.php
[+] Fix :
[!] Restrict user input or replace bad characters
[!] Use htmlspecialchars and htmlentities
[!] Validate user inputs
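The fixes listed above, as an added example in PHP (not code from Mono Blog or from the advisory's author): output encoding with htmlspecialchars for stored post content, basic input validation, and a database connection that logs errors instead of displaying them. The function names, length limits and connection parameters are assumptions.

```php
<?php
// Added example: hypothetical helpers, not Mono Blog's own code.

// Keep PHP/MySQL error text out of HTTP responses; log it server-side instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/** Encode a value for an HTML text or quoted-attribute context. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Validate post input on the way in (length limits are assumed values). */
function validate_post(string $title, string $content): array
{
    $errors = [];
    $title = trim($title);
    if ($title === '' || strlen($title) > 200) {
        $errors[] = 'Title must be 1-200 bytes.';
    }
    if (trim($content) === '' || strlen($content) > 20000) {
        $errors[] = 'Content must be 1-20000 bytes.';
    }
    return $errors;
}

/** Connect without leaking "Access denied for user ..." to the visitor. */
function db_connect(string $host, string $user, string $pass, string $name): ?mysqli
{
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    try {
        return new mysqli($host, $user, $pass, $name);
    } catch (mysqli_sql_exception $ex) {
        error_log('DB connection failed: ' . $ex->getMessage()); // server log only
        http_response_code(500);
        echo 'Service temporarily unavailable.';                // generic message
        return null;
    }
}

// Constructed sample: the stored value from the PoC, encoded at output time
// so the browser shows it as text instead of executing it.
$stored = "<script>alert('0P3N3R')</script>";
echo '<div class="post">' . e($stored) . "</div>\n";
```

Validation on input does not replace encoding on output: e() has to be applied wherever stored content is written into a page, including the admin panel.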
[+] We Are : [+] 0P3N3R [+] Mehrdad_Ice [+] BaxTurk24 [+] S0hp [+] ERROR1067