######################
# Exploit Title: Persistent ZeroCMS Cross-Site Scripting Vulnerability
# Discovered by: Mayuresh Dani
# Vendor Homepage: http://www.aas9.in/zerocms/
# Software Link: https://github.com/pcx1256/zerocms/archive/master.zip
# Version: 1.0?
# Date: 2014-07-25
# Tested on: Windows 7 / Mozilla Firefox
#            Ubuntu 14.04 / Mozilla Firefox
# CVE: CVE-2014-4710
######################
# Vulnerability Disclosure Timeline:
2014-06-15: Discovered vulnerability
2014-06-23: Vendor Notification (Support e-mail address)
2014-07-25: Public Disclosure
# Description
ZeroCMS is a very simple Content Management System built using PHP and
MySQL.
The application does not validate any input to the "Full Name", "Email
Address", "Password" or "Confirm Password" functionality. It saves this
unsanitized input in the backend database and executes it when visiting
the subsequent or any logged-in pages.
######################
# Steps to reproduce the vulnerability
1) Visit the "Create Account" page (e.g.
http://localhost/zerocms/zero_transact_user.php)
2) Enter your favourite XSS payload and click on "Create Account"
3) Enjoy!
More information:
https://community.qualys.com/blogs/securitylabs/2014/07/24/yet-another-zerocms-cross-site-scripting-vulnerability-cve-2014-4710
######################
Thanks,
Mayuresh.
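
The fix pattern for the flaw described above, as an added example that is not part of the original advisory and is not ZeroCMS code: validate the "Create Account" fields before storing them, and HTML-encode every stored value when it is rendered. The function names, array keys and sample values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example with hypothetical names; this is not ZeroCMS source code.

/** Validate "Create Account" input before storing it. Returns [clean|null, errors]. */
function validate_registration(array $in): array
{
    $errors = [];
    $name  = trim((string)($in['name'] ?? ''));
    $email = trim((string)($in['email'] ?? ''));
    $pass  = (string)($in['password'] ?? '');
    $pass2 = (string)($in['confirm'] ?? '');
    // Full Name: bounded length, no control characters. Markup is not stripped
    // here; it is neutralised when the value is rendered (see e()).
    if ($name === '' || strlen($name) > 200 || preg_match('/[\x00-\x1F\x7F]/', $name)) {
        $errors[] = 'name';
    }
    // Email Address: must parse as an address. Still encoded on output.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email';
    }
    // Password fields: compared, then hashed. Only the hash is stored.
    if ($pass === '' || !hash_equals($pass, $pass2)) {
        $errors[] = 'password';
    }
    if ($errors) {
        return [null, $errors];
    }
    return [[
        'name' => $name,
        'email' => $email,
        'password_hash' => password_hash($pass, PASSWORD_DEFAULT),
    ], []];
}

/** Encode a stored value for HTML text or a quoted attribute. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: markup in the name is stored as data and rendered inert.
[$user, $errors] = validate_registration([
    'name' => '<b>Alice</b>', 'email' => 'alice@example.com',
    'password' => 'correct horse', 'confirm' => 'correct horse',
]);
echo $user !== null
    ? '<p>' . e($user['name']) . ' (' . e($user['email']) . ')</p>' . PHP_EOL
    : 'rejected: ' . e(implode(', ', $errors)) . PHP_EOL;
```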