exploit the possibilities

GigToDo 1.3 Cross Site Scripting

GigToDo 1.3 Cross Site Scripting
Posted Jul 29, 2019
Authored by m0ze

GigToDo versions 1.3 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3a6a535984f7271af1b14f3229ecb83b

GigToDo 1.3 Cross Site Scripting

Change Mirror Download
# Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection
# Google Dork: -
# Date: 2019/07/28
# Author: m0ze
# Vendor Homepage: https://www.gigtodoscript.com
# Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/23855397
# Version: <= 1.3
# Tested on: NginX/1.15.10
# CVE: -
# CWE: CWE-79


Details & Description:
The «GigToDo - Freelance Marketplace Script» web-application is vulnerable
to reflected and persistent XSS injections that allows an attacker to
inject JavaScript/HTML code into the front-end, redirect visitor to another
website or steal admin cookies.


PoC [Persistent XSS Injection]:
Register a new account, log in and go to the
https://www.site.com/proposals/create_proposal page. Vulnerable text area
is «Proposal's Description», so paste your payload inside, fill in other
fields and save the data TWICE or your payload WILL NOT WORK. So literally
paste your payload inside the «Proposal's Description» text area and scroll
down to «Update Proposal» button, press it and your data will be saved.
After that u'll be redirected to
https://www.site.com/proposals/view_proposals.php page. Select your created
proposal and press green square dropdown menu on the right («Actions»
column) and click on «Edit» link. After that just don't change anything,
scroll down to «Update Proposal» button, press it and your data will be
saved ONE MORE TIME. That's it, now your payload will work.
Example #1: <h1
onmouseover=';alert(`m0ze`);'>m0ze</h1>1"--><svg/onload=';alert(`Script is
fully protected from SQL Injection and XSS ©`);'><img src='x'
onerror=';alert(`For sure lol`);'>
Example #2: <h1 onmouseover=';alert(`Greetz from
m0ze`);'>m0ze</h1>1"--><svg/onload=';window.location.replace(`
https://twitter.com/m0ze_ru`);'>
Login or Register to add favorites

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close