October CMS User Plugin 1.4.5 – Persistent Cross-Site Scripting

Exploit Database
83 阅读

作者： 0xB9

日期： 2018-04-26
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/44546/

# Exploit Title: October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting
# Date: 2018-04-03
# Author: 0xB9
# Software Link: https://octobercms.com/plugin/rainlab-user
# Version: 1.4.5
# Tested on: Ubuntu 17.10
# CVE: CVE-2018-10366

#1. Description:
Front-end user management for October CMS. Allows visitors to create a website.

#2. Proof of Concept:

Persistent XSS
- Go to the account page localhost/OctoberCMS/account/
- Register & enter the following for your full name <p """><SCRIPT>alert("XSS")</SCRIPT>">
- You will be alerted everytime you visit the account page localhost/OctoberCMS/account/

#3. Solution:
Update to 1.4.6

last Exploits
October CMS User Plugin 1.4.5 – Persistent Cross-Site Scripting的更多信息

Netautor Professional 5.5 – ‘login2.php’ Cross-Site Scripting：
Maitra Mail Tracking System 1.7.2 – SQL Injection / Database File Download：
Faveo Helpdesk Community 1.9.3 – Cross-Site Request Forgery：
Joomla! Component com_simplephotogallery 1.0 – Arbitrary File Upload：
Hyvikk Fleet Manager – Shell Upload：
WSTMart 2.0.8 – Cross-Site Request Forgery (Add Admin)：
WordPress Plugin Age Verification 0.4 – Open Redirect：
WordPress adivaha Travel Plugin 2.3 – SQL Injection：