UNA 10.0.0 RC1 – ‘polyglot.php’ Persistent Cross-Site Scripting

Exploit Database
16 阅读

作者： Greg.Priest

日期： 2019-08-12
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/47221/

# Exploit Title: [UNA - 10.0.0-RC1 stored XSS vuln.]
# Date: [2019 08 10]
# Exploit Author: [Greg.Priest]
# Vendor Homepage: [https://una.io/]
# Software Link: [https://github.com/unaio/una/tree/master/studio]
# Version: [UNA - 10.0.0-RC1]
# Tested on: [Windows/Linux ]
# CVE : [CVE-2019-14804]

UNA-v.10.0.0-RC1 [Stored XSS Vulnerability]#1

 Sign in to admin and look for the ["etemplates"] page (/studio/polyglot.php?page=etemplates)!
 Click ["Emails"] and edit the templates! Inject the JavaScript code into the ["System Name"] field!
 
 http://127.0.0.1/UNA/studio/polyglot.php?page=etemplates
 
https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-14804.pdf

last Exploits
UNA 10.0.0 RC1 – ‘polyglot.php’ Persistent Cross-Site Scripting的更多信息

C99Shell 1.0 Pre-Release build 16 (Web Shell) – ‘ch99.php’ Cross-Site Scripting：
Ecessa Edge EV150 10.7.4 – Cross-Site Request Forgery (Add Superuser)：
OrangeHRM 2.7 RC – ‘/plugins/ajaxCalls/haltResumeHsp.php?hspSummaryId’ SQL Injection：
Reserve Logic 1.2 Booking CMS – Multiple Vulnerabilities：
CF Image Hosting Script 1.3.82 – File Disclosure：
Joomla! Component JEXTN Classified 1.0.0 – ‘sid’ SQL Injection：
Online Book Store 1.0 – Arbitrary File Upload：
Academic Timetable Final Build 7.0 – Information Disclosure：