Private Message PHP Script 2.0 – Cross-Site Scripting

Exploit Database
85 阅读

作者： L0RD

日期： 2018-05-21
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/44662/

# Exploit Title:Private Message PHP Script 2.0 - Persistent Cross-Site scripting
# Date: 2018-05-20
# Exploit Author: Borna nematzadeh (L0RD)
# Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?s_rank=1
# Version: 2.0
# Tested on: Windows

# Description :
Private Message PHP Script 2.0 suffers from persistent cross site scripting.
You can put your malicious javascript payload .
When target opens your massege ,payload will be executed before self destruction .

# POC :
1) Put this payload into textarea and click submit :
</textarea><script>alert(document.cookie)</script>

2) You will get a link which your javascript code is inside this link . You can send this link to anyone .
3) After clicking on "show me the message" , payload will be executed .

last Exploits
Private Message PHP Script 2.0 – Cross-Site Scripting的更多信息

WordPress Plugin Placester 0.1 – ‘ajax_action’ Cross-Site Scripting：
Barnraiser Prairie – ‘get_file.php’ Directory Traversal：
Meteocontrol WEB’log – Admin Password Disclosure (Metasploit)：
Yellow Pages Script 3.2 – ‘category_id’ SQL Injection：
Multiple WordPress Plugins – ‘timthumb.php’ File Upload：
Apache < 2.2.34 / < 2.4.27 - OPTIONS Memory Leak：
Iatek PortalApp 3.3/4.0 – ‘login.asp’ Multiple Cross-Site Scripting Vulnerabilities：
Control Web Panel 7 (CWP7) v0.9.8.1147 – Remote Code Execution (RCE)：