CWP 0.9.8.885 Cross Site Scripting

2019.10.29
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 1.9/10
Impact Subscore: 2.9/10
Exploitability Subscore: 3.4/10
Exploit range: Local
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

# Exploit Title: CWP (CentOS Control Web Panel) Store Cross Site Scripting # Date: 25 Oct 2019 # Exploit Author: Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak # Vendor Homepage: https://control-webpanel.com/ # Version: 0.9.8.885 # CVE : CVE-2019-16295 +++++++++++++++++++++++++++++++++ # Description: +++++++++++++++++++++++++++++++++ User can add XSS payload in Directory Name , Filename , file extension in function "File Manager" +++++++++++++++++++++++++++++++++ # Steps to Reproduce +++++++++++++++++++++++++++++++++ 1. In user panel go to File Management --> File Manager 2. Go to "Create Directory" or "Create File" and insert XSS payload "<img src=x onerror=javascript&colon;alert&lpar;document&period;cookie&rpar;>" 3. XSS will trigger. +++++++++++++++++++++++++++++++++ # PoC +++++++++++++++++++++++++++++++++ https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-16295.md +++++++++++++++++++++++++++++++++ # Timeline +++++++++++++++++++++++++++++++++ 2019-07-19: Discovered the bug 2019-07-19: Reported to vendor 2019-07-23: Vender accepted the vulnerability 2019-10-23: The vulnerability has been fixed 2019-10-25: Advisory published +++++++++++++++++++++++++++++++++ # Discovered by +++++++++++++++++++++++++++++++++ Pongtorn Angsuchotmetee Nissana Sirijirakal Narin Boonwasanarak


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top