Invision Power Board (IP.Board) 4.x – Persistent Cross-Site Scripting

Exploit Database
13 阅读

作者： snop

日期： 2015-08-27
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/37989/

# Exploit Title: IP.Board 4.X Stored XSS
# Date: 27-08-2015
# Software Link: https://www.invisionpower.com/
# Exploit Author: snop.
# Contact: http://twitter.com/rabbitz_org
# Website: http://rabbitz.org
# Category: webapps

1. Description

A registered or non-registered user can create a calendar event
including malicious JavaScript code who will be permanently stored in
the pages source.

2. Proof of Concept

http://URL_TO_FORUM/calendar/submit/?calendar=1

POST:
Affected Paramter: event_location[address][]

3. Solution

Update to version 4.0.12.1
https://community.invisionpower.com/release-notes/40121-r22/

Disclosure Timeline
27.07.15: Vendor notified
05.08.15: Fix released
27.08.15: Public disclosure

last Exploits
Invision Power Board (IP.Board) 4.x – Persistent Cross-Site Scripting的更多信息

Mess Management System 1.0 – SQL Injection：
FS OLX Clone – ‘catg_id’ SQL Injection：
iTech StockPhoto Script 2.02 – SQL Injection：
Image and Video Script – SQL Injection：
Joomla VirtueMart Shopping Cart 4.0.12 – Reflected XSS：
Online Diagnostic Lab Management System 1.0 – Account Takeover (Unauthenticated)：
D-Link Routers – Authentication Bypass (1)：
Vanilla FirstLastNames 1.3.2 Plugin – Persistent Cross-Site Scripting：