bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/47876.txt
Offensive Security 95c6eeab79 DB: 2020-01-07 
33 changes to exploits/shellcodes

NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)
SpotIE 2.9.5 - 'Key' Denial of Service (PoC)
Dnss Domain Name Search Software - 'Key' Denial of Service (PoC)
BlueAuditor 1.7.2.0 - 'Name' Denial of Service (PoC)
ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service (PoC)
NetShareWatcher 1.5.8.0 - 'Key' Denial of Service (PoC)
Dnss Domain Name Search Software - 'Name' Denial of Service (PoC)
TextCrawler Pro3.1.1 - Denial of Service (PoC)
RemShutdown 2.9.0.0 - 'Key' Denial of Service (PoC)
Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service (PoC)
RemShutdown 2.9.0.0 - 'Name' Denial of Service (PoC)
NBMonitor 1.6.6.0 - 'Key' Denial of Service (PoC)
Office Product Key Finder 1.5.4 - Denial of Service (PoC)
SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service (PoC)
SpotMSN 2.4.6 - 'Name' Denial of Service (PoC)
SpotIM 2.2 - 'Name' Denial Of Service
FTPGetter Professional 5.97.0.223 -  Denial of Service (PoC)
Duplicate Cleaner Pro 4 - Denial of Service (PoC)
Microsoft Outlook VCF cards - Denial of Service (PoC)
Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path
Windows - Shell COM Server Registrar Local Privilege Escalation
Dairy Farm Shop Management System 1.0 - 'username' SQL Injection
Complaint Management System 4.0 - 'cid' SQL injection
IBM RICOH Infoprint 1532 Printer - Persistent Cross-Site Scripting
Subrion CMS 4.0.5 - Cross-Site Request Forgery (Add Admin)
Hostel Management System 2.0 - 'id' SQL Injection
elaniin CMS 1.0 - Authentication Bypass
Small CRM 2.0 - Authentication Bypass
Voyager 1.3.0 - Directory Traversal
Codoforum 4.8.3 - Persistent Cross-Site Scripting
Django < 3.0 < 2.2 < 1.11 - Account Hijack

Linux/x86 - Execve() Alphanumeric Shellcode (66 bytes)
2020-01-07 05:02:07 +00:00

22 lines
No EOL
940 B
Text
Raw Blame History

# Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting
# Google Dork: intext:"Powered by Codoforum"
# Date: 2020-01-03
# Exploit Author: Prasanth c41m, Vyshnav Vizz
# Vendor Homepage: https://codoforum.com/index.php
# Software Link: https://codoforum.com/buy
# Version: Codoforum 4.8.3
# Tested on: [relevant os]
# CVE : [if applicable]
# source: https://medium.com/@c41m/b2e1133c6a91?
Codoforum is prone to a stored xss vulnerability.
An attacker can exploit this issue to creating user with payload and perform cross-site scripting attacks.
Codoforum version 4.8.3 is vulnerable.
1. Install Codoforum 4.8.3 in a local server.
2. Goto http://localhost/index.php?u=/user/register
3. Create a user using :-
username : "><svg/onload=alert(1)>
password : password
email : c41m@email.com
4. Now goto http://localhost/admin/index.php?page=users/manage, an XSS alert popup will be triggered here.
Reference in a new issue View git blame Copy permalink