b4225f5fa8
12 changes to exploits/shellcodes SQL Server Password Changer 1.90 - Denial of Service Easy MP3 Downloader 4.7.8.8 - 'Unlock Code' Denial of Service Asus Precision TouchPad 11.0.0.25 - Denial of Service VX Search Enterprise 10.4.16 - 'User-Agent' Denial of Service Canon PRINT 2.5.5 - Information Disclosure QEMU - Denial of Service Sentrifugo 3.2 - File Upload Restriction Bypass Sentrifugo 3.2 - Persistent Cross-Site Scripting DomainMod 4.13 - Cross-Site Scripting YouPHPTube 7.4 - Remote Code Execution WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting
19 lines
No EOL
743 B
Text
19 lines
No EOL
743 B
Text
# Exploit Title: DomainMod <= 4.13 - Cross-Site Scripting
|
|
# Date: 30 August 2019
|
|
# Exploit Author: Damian Ebelties (https://zerodays.lol/)
|
|
# Vendor Homepage: https://domainmod.org/
|
|
# Version: <= 4.13
|
|
# Tested on: Ubuntu 18.04.1
|
|
# CVE: CVE-2019-15811
|
|
|
|
The software 'DomainMOD' is vulnerable for Cross-Site Scripting in the
|
|
file '/reporting/domains/cost-by-month.php' in the parameter 'daterange'.
|
|
|
|
As of today (30 August 2019) this issue is unfixed.
|
|
|
|
Almost all other files that use the parameter 'daterange' are vulnerable.
|
|
See: https://github.com/domainmod/domainmod/tree/master/reporting/domains
|
|
|
|
Proof-of-Concept:
|
|
|
|
https://domain.tld/reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(1)%22autofocus=%22 |