MicroChat Cross Site Scripting Vulnerability

2019.04.18
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

[+] Exploit Title ; MicroChat Cross Site Scripting Vulnerability [+] Date : 2019-04-18 [+] Author : 0P3N3R FROM IRANIAN ETHICAL HACKERS [+] Vendor Homepage : http://www.phptoys.com/downloads/microChat.zip [+] Version : ... [+] Dork : N/A [+] My Site : ... [+] Tested On : windows 10 - kali linux 2.0 [+] Contact : aliopener22@gmail.com [+] Description : [!] Micro Chat is a simple PHP based chat script with very easy installation. The script is designed for smaller traffic and so no database is required. You only need to upload the files and the script works fine. The look and feel is easy editable via CSS. [+] Poc : [!] Download Microchat and create sub directory. [!] extract microchat files on your sub directorys. and going to the your sub directorys [!] now you see the name box and you must write nickname on the box . [!] inject your payload for ex : <svg/onload=(confirm)()> [!] chat started. and if you send any messages your payload was working. [!] Payload : [*] <svg/onload=(confirm)()> [+] Security Level : [!] Med [+] Exploitation Technique: [!] Remote [+] Request Method : [!] POST [+] Vulnerability Link : [*] http://localhost/index.php [+] Vulnerable File (s) : [!] index.php [+] Vulnerable Source Code : [!] <?php if (!isset($_SESSION['nickname']) ){ createForm(); } else { $name = isset($_POST['name']) ? $_POST['name'] : "Unnamed"; $_SESSION['nickname'] = $name; ?> [+] Fix : [!] Restrict user input or replace bad characters [+] We Are : [+] 0P3N3R


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top