AjentiCP 1.2.23.13 – Cross-Site Scripting

• Exploit Database
• 17 阅读

• 作者： Numan OZDEMIR
  日期： 2018-10-25
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/45691/

• # Title: AjentiCP 1.2.23.13 - Cross-Site Scripting
  # Author: Numan OZDEMIR (https://infinitumit.com.tr)
  # Vendor Homepage: ajenti.org
  # Software Link: https://github.com/ajenti/ajenti
  # Version: Up to v1.2.23.13
  # CVE: CVE-2018-18548
  
  # Description:
  
  # Attacker can inject JavaScript codes without Ajenti privileges by this
  # vulnerabillity.
  # Normally an attacker cant intervene to Ajenti without Ajenti privileges.
  # But with this vulnerability, if attacker can create a folder (may be by
  # a web app vulnerability) he can run
  # bad-purposed JavaScript codes on Ajenti user's browser, while the user
  # using File Manager tool.
  # So this vulnerability makes high risk.
  
  # How to Reproduce:
  1)- Create a directory as named xss payload. Like, im<img src onerror=alert(1337)>dir
  2)- Open this directory in File Manager tool in Ajenti server admin panel.