Ekushey Project Manager CRM 5.0 Cross Site Scripting

2023.07.13
Credit: CraCkEr
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: Ekushey Project Manager CRM 5.0 - Stored XSS # Exploit Author: CraCkEr # Vendor: Creativeitem # Vendor Homepage: https://creativeitem.com/ # Software Link: https://demo.creativeitem.com/ekushey/ # Tested on: Windows 10 Pro # Impact: Manipulate the content of the site ## Description Allow Attacker to inject malicious code into website, give ability to steal sensitive information, manipulate data, and launch additional attacks. Path: /ekushey/index.php/client/message/message_read/xxxxxxxx[random-msg-hash] POST parameter 'message' is vulnerable to XSS ----------------------------------------------- POST /ekushey/index.php/client/message/send_reply/8c8936d3 HTTP/2 ----------------------------------------------- Content-Disposition: form-data; name="message" <script>alert(1)</script> ----------------------------------------------- ## Steps to Reproduce: 1. Login as (Client) 2. Go to [Message] on this Path: https://website/ekushey/index.php/client/message 3. Select any Person to MSG (Clients or ADMINS] 4. Inject your XSS Payload in [Replay Message] 5. Send 6. XSS Fired on Local Browser 7. When ADMIN visit [Dashboard] or any section in Administration Panel on this Path : https://website/ekushey/index.php/admin/dashboard 8. XSS Will Fire and Executed on his Browser [-] Done


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top