bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/48897.txt
Offensive Security ae14b71248 DB: 2020-10-20 
16 changes to exploits/shellcodes

Tourism Management System 1.0 - Arbitrary File Upload
Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting
Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection
Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection
Online Student's Management System 1.0 - Remote Code Execution (Authenticated)
Online Discussion Forum Site 1.0 - XSS in Messaging System
Online Job Portal 1.0 - Cross Site Scripting (Stored)
HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal
HiSilicon Video Encoders - RCE via unauthenticated command injection
HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware
HiSilicon Video Encoders - Full admin access via backdoor password
HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)
Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in
Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)
Typesetter CMS 5.1 - Arbitrary Code Execution (Authenticated)
Textpattern CMS 4.6.2 - Cross-site Request Forgery
2020-10-20 05:02:13 +00:00

17 lines
No EOL
1.2 KiB
Text
Raw Blame History

# Exploit Title: Online Discussion Forum Site 1.0 - XSS in Messaging System
# Google Dork: N/A
# Date: 2020-10-17
# Exploit Author: j5oh
# Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14233&title=Online+Discussion+Forum+Site
# Version: 1.0 (REQUIRED)
# Tested on: Windows 10 / Wamp Server
# CVE : N/A
The messaging subsystem in the Online Discussion Forum is vulnerable to XSS in the message body. This will execute when viewing the messages page: http://localhost/Online%20Discussion%20Forum%20Site/messages.php.
XSS can be done through the messaging interface, go to http://localhos/Online%20Discussion%20Forum%20Site/messages.php, select 'Send New Message', search for the user to send the message to, click the 'Send Message' button next to the user, and add the javascript in the message body. Alternatively, if you know the user id you can just send the message directly thought the tt parameter of http://localhost/Online%20Discussion%20Forum%20Site/messageH.php.
# PoC:
curl -d 'uto=1&tt=<script> alert("XSS"); </script>' -b "PHPSESSID=798bkt3dkvoczjp7arnco3jf0c" http://localhost/Online%20Discussion%20Forum%20Site/messageH.php
Reference in a new issue View git blame Copy permalink