Helpdeskz v2.0.2 – Stored XSS

• Exploit Database
• 505 阅读

• 作者： Md. Sadikul Islam
  日期： 2024-08-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/52068/

• # Exploit Title: Stored XSS Vulnerability via File Name
  # Google Dork: N/A
  # Date: 08 Aug 2024
  # Exploit Author: Md. Sadikul Islam
  # Vendor Homepage: https://www.helpdeskz.com/
  # Software Link:
  https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip
  # Version: v2.0.2
  # Tested on: Kali Linux /Firefox 115.1.0esr (64-bit)
  # CVE : N/A
  
  Payload: "><img src=x onerror=alert(1);>
  Filename can be Payload: "><img src=x onerror=alert(1);>.jpg
  
  VIdeo PoC:
  https://drive.google.com/file/d/1_yh0UsX8h7YcSU1kFvg_bBwk9T7kx1K1/view?usp=drive_link
  
  Steps to Reproduce:
  1. Log in as a regular user and create a new ticket.
  2. Fill out all the required fields with the necessary information.
  3. Attach an image file with a malicious payload embedded in the
  filename.
  4. Submit the ticket.
  5. Access the ticket from the administration panel to trigger the
  payload execution.
  
  Cross-Site Scripting (XSS) exploits can compromise the administration
  panel, directly affecting administrators by allowing malicious scripts to
  execute within their privileged environment.