Lucene search
Supernaruto16CB5B8563-15CF-408C-9F79-4871EA0A8713HistoryJan 21, 2022 - 4:04 p.m.
in jsdecena/laracom
2022-01-2116:04:02
supernaruto16
www.huntr.dev
10
vulnerability
jsdecena/laracom
uploading
dangerous file types
xss
proof of concept
demo video
bugbounty
EPSS
0.001
Percentile
21.4%
Description
Hi there, I would like to report a vulnerability that allows a hacker to upload dangerous file type in jsdecena/laracom.
Attacker must have an account with permission to Edit Product (E.g. Clerk role).
Then, he can upload malcious file with extensions such as html, svg,β¦ which leads to XSS.
Proof of Concept
-
βAfter login, go to
Products / List Products, click onActions / Edit. -
In
CoverorImagesfields, upload html files with xss payload inside. For example:<script> alert(document.cookie) </script>. -
Click on
updatebutton to save. -
Demo Video: https://drive.google.com/file/d/1BsfbHp1I47E02ZKaa6ZhcjmHMxD6Jho4/view?usp=sharing
Impact
This vulnerability is capable of uploading dangerous file to serve
Related
github
github
Unrestricted Upload of File with Dangerous Type in jsdecena/laracom
2022-02-06 00:01:07
cve
cve
CVE-2022-0472
2022-02-04 23:15:12
cvelist
cvelist
prion
prion
Unrestricted file upload
2022-02-04 23:15:00
osv
osv
CVE-2022-0472
2022-02-04 23:15:12
Unrestricted Upload of File with Dangerous Type in jsdecena/laracom
2022-02-06 00:01:07
nvd
nvd
CVE-2022-0472
2022-02-04 23:15:12