Submit #174888: Classified Ads Script 1.8 - Stored XSS - Reflected XSSinfo

TitleClassified Ads Script 1.8 - Stored XSS - Reflected XSS
DescriptionAuthor : skalvin aka (CraCkEr) Website : https://simplephpscripts.com/classified-ads-script-php/ Vendor : SimplePHPscripts Software : Classified Ads Script 1.8 Vuln Type: Reflected XSS - Stored XSS Impact : Manipulate the content of the site Release Notes: Reflected XSS The attacker can send to victim a link containing a malicious URL in an email or instant message can perform a wide variety of actions, such as stealing the victim's session token or login credentials Stored XSS Allow Attacker to inject malicious code into website, give ability to steal sensitive information, manipulate data, and launch additional attacks. Path: /preview.php GET 'p' parameter is vulnerable to RXSS https://website/preview.php?id=14&cat_id=0&p=reioh%22%3e%3cscript%3ealert(1)%3c%2fscript%3eiv1mz&search= Path: / URL parameter is vulnerable to RXSS https://website/preview.php/x5t6p"><script>alert(1)</script>w5omd?id=14&cat_id=0&p=&search= ## Stored XSS ----------------------------------------------- POST /classified-ads-script-php/classifiedscript/user.php HTTP/2 Content-Disposition: form-data; name="title" <script>alert(1)</script> ----------------------------------------------- POST parameter 'title' is vulnerable to XSS ## Steps to Reproduce: 1. As a [Normal User] Click on [Create Classified Ad] to create a [New Ads] on this Path (https://website/user.php?act=newAds) 2. Inject your [XSS Payload] in "Enter Title" 3. Save 4. XSS Fired on Local User Browser 5. When ADMIN check [Classified Ads Entry List] in Administration Panel to check [Waiting Approval Ads] on this Path (https://website/admin.php?act=ads) 6. XSS Will Fire and Executed on his Browser [-] Done
User
 skalvin (UID 49463)
Submission06/28/2023 00:41 (3 years ago)
Moderation06/29/2023 22:16 (2 days later)
StatusAccepted
VulDB entry232711 [SimplePHPscripts Classified Ads Script 1.8 HTTP POST Request user.php Title cross site scripting]
Points17

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!