bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/10354.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

20 lines
No EOL
854 B
Text
Raw Blame History

#################################################################
#
# Viscacha 0.8 Gold persistant XSS vulnerability
# Found By: mr_me
# Download: http://www.viscacha.org/
# Tested On: Windows Vista
# Note: For educational purposes only
#
#################################################################
POC Info:
A regular user of the board can embed javascript code that could be executed within the context of the admin's browser.
If the user edits their own profile by going to "http://[server]/viscacha/editprofile.php?action=profile"
and places "<script>alert(document.cookie)</script>"
into the instant messenger fields and then gives the following link to the admin:
http://[server]/viscacha/profile.php?action=ims&type=msn&id=1
The user could potentially log the admins cookie and reset their own session thus gaining administration access.
Reference in a new issue View git blame Copy permalink