809d81619e
4 changes to exploits/shellcodes/ghdb Calibre-web 0.6.21 - Stored XSS Helpdeskz v2.0.2 - Stored XSS
29 lines
No EOL
1 KiB
Text
29 lines
No EOL
1 KiB
Text
# Exploit Title: Stored XSS Vulnerability via File Name
|
|
# Google Dork: N/A
|
|
# Date: 08 Aug 2024
|
|
# Exploit Author: Md. Sadikul Islam
|
|
# Vendor Homepage: https://www.helpdeskz.com/
|
|
# Software Link:
|
|
https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip
|
|
# Version: v2.0.2
|
|
# Tested on: Kali Linux / Firefox 115.1.0esr (64-bit)
|
|
# CVE : N/A
|
|
|
|
Payload: "><img src=x onerror=alert(1);>
|
|
Filename can be Payload: "><img src=x onerror=alert(1);>.jpg
|
|
|
|
VIdeo PoC:
|
|
https://drive.google.com/file/d/1_yh0UsX8h7YcSU1kFvg_bBwk9T7kx1K1/view?usp=drive_link
|
|
|
|
Steps to Reproduce:
|
|
1. Log in as a regular user and create a new ticket.
|
|
2. Fill out all the required fields with the necessary information.
|
|
3. Attach an image file with a malicious payload embedded in the
|
|
filename.
|
|
4. Submit the ticket.
|
|
5. Access the ticket from the administration panel to trigger the
|
|
payload execution.
|
|
|
|
Cross-Site Scripting (XSS) exploits can compromise the administration
|
|
panel, directly affecting administrators by allowing malicious scripts to
|
|
execute within their privileged environment. |