Lucene search
Dennis VeningaEXPLOITPACK:4585372AE95BEDE167BDB668F026CC4CHistoryJan 17, 2018 - 12:00 a.m.
Reservo Image Hosting Script 1.5 - Cross-Site Scripting
2018-01-1700:00:00
Dennis Veninga
6
0.001 Low
EPSS
Percentile
45.5%
Reservo Image Hosting Script 1.5 - Cross-Site Scripting
# Exploit Title: Reservo Image Hosting Script 1.5 - Cross Site Scripting
# Date: 15-01-2018
# Exploit Author: Dennis Veninga
# Contact Author: d.veninga [at] networking4all.com
# Vendor Homepage: reservo.co
# Version: 1.6
# CVE-ID: CVE-2018-5705
With support for automatic thumbnails & image resizing in over 200 image
formats, robust privacy options, secure image manager, external storage a
feature rich admin area and free migration scripts, Reservo really does
tick every box.
Reservo Image Hosting is vulnerable to XSS attacks. The affected function
is its search engine. Since there is an user/admin login interface, it's
possible for attackers to steal sessions of users and thus admin(s). By
sending users an infected URL, code will be executed.
---------------------------
---------------------------
PoC:
https://
{{target}}/search/?s=image&t=%27%29%3B%2522%2520style%253D%22%3Cscript%3Ealert%281%29%3C%2Fscript%3E%3C
---------------------------
---------------------------
Evil javascript code can be inserted and will be executed when visiting the
linkRelated
openvas
openvas
Reservo Image Hosting Script < 1.6.1 XSS Vulnerability
2018-01-18 00:00:00
cve
cve
CVE-2018-5705
2018-01-24 17:29:00
packetstorm
packetstorm
Reservo Image Hosting Script 1.5 Cross Site Scripting
2018-01-17 00:00:00
cvelist
cvelist
CVE-2018-5705
2018-01-24 17:00:00
zdt
zdt
Reservo Image Hosting Script 1.5 - Cross-Site Scripting Vulnerability
2018-01-17 00:00:00
prion
prion
Design/Logic Flaw
2018-01-24 17:29:00
nvd
nvd
CVE-2018-5705
2018-01-24 17:29:00
exploitdb
exploitdb
Reservo Image Hosting Script 1.5 - Cross-Site Scripting
2018-01-17 00:00:00