ea7a01d8fb
18 changes to exploits/shellcodes Sudo 1.8.25p - 'pwfeedback' Buffer Overflow (PoC) Sudo 1.8.25p - Buffer Overflow Torrent iPod Video Converter 1.51 - Stack Overflow DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path FreeSSHd 1.3.1 - 'FreeSSHDService' Unquoted Service Path Sync Breeze Enterprise 12.4.18 - 'Sync Breeze Enterprise' Unquoted Service Path DVD Photo Slideshow Professional 8.07 - 'Name' Buffer Overflow Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path Disk Savvy Enterprise 12.3.18 - Unquoted Service Path Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow Sudo 1.8.25p - 'pwfeedback' Buffer Overflow OpenSMTPD 6.4.0 < 6.6.1 - Local Privilege Escalation + Remote Code Execution Microsoft SharePoint - Deserialization Remote Code Execution CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting WordPress InfiniteWP - Client Authentication Bypass (Metasploit)
16 lines
No EOL
561 B
Text
16 lines
No EOL
561 B
Text
# Exploit Title: Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
|
|
# Google Dork: N/A
|
|
# Date: 2020-02-10
|
|
# Exploit Author: Sayak Naskar
|
|
# Vendor Homepage: https://vanillaforums.com/en/
|
|
# Version: 2.6.3
|
|
# Tested on: Windows, Linux
|
|
# CVE : CVE-2020-8825
|
|
|
|
A Stored xss was found in Vanillaforum 2.6.3 .
|
|
|
|
index.php?p=/dashboard/settings/branding
|
|
|
|
# Proof of Concept:
|
|
|
|
An attacker will insert a payload on branding section. So, whenever an user will open the branding section then attacker automatically get all sensitive information of the user. |