Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

October CMS Cross Site Scripting

🗓️ 19 Feb 2018 00:00:00Reported by Samrat DasType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 65 Views

October CMS Stored Code Injection. Malicious HTML commands executed without input validatio

Related
Code
ReporterTitlePublishedViews
Family
0day.today		October CMS < 1.0.431 - Cross-Site Scripting Vulnerability
20 Feb 201800:00
zdt
CVE		CVE-2018-7198
18 Feb 201803:00
cve
Cvelist		CVE-2018-7198
18 Feb 201803:00
cvelist
EUVD		EUVD-2022-3305
3 Oct 202520:07
euvd
Github Security Blog		October CMS - RainLab Blog Plugin XSS
13 May 202201:24
github
NVD		CVE-2018-7198
18 Feb 201803:29
nvd
OSV		GHSA-96MH-7XPR-QCGW October CMS - RainLab Blog Plugin XSS
13 May 202201:24
osv
Prion		Deserialization of untrusted data
18 Feb 201803:29
prion
`# Exploit Title: October CMS Stored Code Injection  
# Date: 16-02-2018  
# Exploit Author: Samrat Das  
# Contact: http://twitter.com/Samrat_Das93  
# Website: https://securitywarrior9.blogspot.in/  
# Vendor Homepage: *https://octobercms.com/ <https://octobercms.com/>*  
# Version: All versions till date from 1.0.431  
# CVE : CVE- 2018-7198  
# Category: WebApp CMS  
  
1. Description  
  
The application source code is coded in a way which allows malicious  
crafted HTML commands to be executed without input validation  
  
2. Proof of Concept  
  
1. Visit the application  
2. Visit the Add posts page  
3. Goto edit function, add any html based payload and its gets stored and executed subsequently.  
  
Proof of Concept  
  
Steps to Reproduce:  
  
1. Create any HTML based payload such as:  
  
Username:<input type=text> <br>  
Password: <input type=text> <br>  
<button type="button">Login</button>  
  
2. This hosted page with form action implemented upon clicked by user will lead to exfiltration of credentials apart from performing a host of other actions such as stored xss and another similiar attacks.  
  
  
  
3. Solution:  
  
Implement through input validation to reject unsafe html input.  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Feb 2018 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.01085
october cmsstored code injectionhtml commandsinput validationcve-2018-7198webapp cmssecurity vulnerability
65