5f3f5c8f09
18 changes to exploits/shellcodes Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC) MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC) ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS) runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1) exacqVision ESM 5.12.2 - Privilege Escalation runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2) Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure) Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure) DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting DomainMOD 4.11.01 - 'category.php CatagoryName_ StakeHolder' Cross-Site Scripting DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)
16 lines
No EOL
725 B
Text
16 lines
No EOL
725 B
Text
# Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting
|
|
# Date: 2018-11-22
|
|
# Exploit Author: Mohammed Abdul Raheem
|
|
# Vendor Homepage: domainmod (https://domainmod.org/)
|
|
# Software Link: domainmod (https://github.com/DomainMod/DomainMod)
|
|
# Version: v4.09.03 to v4.11.01
|
|
# CVE : CVE-2018-20009
|
|
|
|
# A Stored Cross-site scripting (XSS) was discovered in DomainMod application
|
|
# versions from v4.09.03 to v4.11.01
|
|
# After logging into the Domainmod application panel, browse to the
|
|
/assets/add/ssl-provider.php page and inject a javascript XSS payload
|
|
in ssl-provider-name, ssl-provider's-url "><img src=x
|
|
onerror=alert("Xss-By-Abdul-Raheem")>
|
|
|
|
#POC : attached here https://github.com/domainmod/domainmod/issues/88 |