Search...

phpcal-xss.txt

2008-09-29T00:00:00

ID PACKETSTORM:70440
Type packetstorm
Reporter CWH Underground
Modified 2008-09-29T00:00:00

Description

                                        
                                            `==============================================================  
PHP Calendar Script Remote XSS (Permanent) Vulnerabilities  
==============================================================  
  
,--^----------,--------,-----,-------^--,  
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..  
`+---------------------------^----------|  
`\_,-------, _________________________|  
/ XXXXXX /`| /  
/ XXXXXX / `\ /  
/ XXXXXX /\______(  
/ XXXXXX /   
/ XXXXXX /  
(________(   
`------'  
  
AUTHOR : CWH Underground  
DATE : 28 September 2008  
SITE : cwh.citec.us  
  
  
#####################################################  
APPLICATION : PHP Calendar Script  
VERSION : 6.3.25  
VENDOR : www.easyphpcalendar.com  
DOWNLOAD : http://www.easyphpcalendar.com/freeDownload.php  
#####################################################  
  
  
  
--- Permanent Cross Site Scripting ---  
  
-----------------  
Vulnerable Page   
-----------------  
  
[+]http://[Target]/[path]/events/index.php?PHPSESSID=[md5number]&add=1  
  
Ex:  
  
[+]http://[Target]/[path]/events/index.php?PHPSESSID=e99299396b831fe9226b7d5de21edaff&add=1  
  
This page is used to Add New Event and there is a feild "Details:" which is prepared for inserting detail of the event.  
We can inject javascript into this feild as result in "Stored XSS".  
  
-----------------  
Example code   
-----------------  
  
Details:  
  
&lt;textarea rows="10" style="width: 99%;" id="descr" name="descr"/&gt;  
  
Note : - [md5number] is the session id which will generate automatically after we login  
- In order to be the user, must be added by Master Administrator  
  
  
#####################################################################  
Greetz : ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos  
Special Thx : asylu3, str0ke, citec.us, milw0rm.com  
#####################################################################  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:70440", "type": "packetstorm", "bulletinFamily": "exploit", "title": "phpcal-xss.txt", "description": "", "published": "2008-09-29T00:00:00", "modified": "2008-09-29T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/70440/phpcal-xss.txt.html", "reporter": "CWH Underground", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:21:22", "viewCount": 1, "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2016-11-03T10:21:22", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:21:22", "rev": 2}, "vulnersScore": -0.4}, "sourceHref": "https://packetstormsecurity.com/files/download/70440/phpcal-xss.txt", "sourceData": "`============================================================== \nPHP Calendar Script Remote XSS (Permanent) Vulnerabilities \n============================================================== \n \n,--^----------,--------,-----,-------^--, \n| ||||||||| `--------' | O .. CWH Underground Hacking Team .. \n`+---------------------------^----------| \n`\\_,-------, _________________________| \n/ XXXXXX /`| / \n/ XXXXXX / `\\ / \n/ XXXXXX /\\______( \n/ XXXXXX / \n/ XXXXXX / \n(________( \n`------' \n \nAUTHOR : CWH Underground \nDATE : 28 September 2008 \nSITE : cwh.citec.us \n \n \n##################################################### \nAPPLICATION : PHP Calendar Script \nVERSION : 6.3.25 \nVENDOR : www.easyphpcalendar.com \nDOWNLOAD : http://www.easyphpcalendar.com/freeDownload.php \n##################################################### \n \n \n \n--- Permanent Cross Site Scripting --- \n \n----------------- \nVulnerable Page \n----------------- \n \n[+]http://[Target]/[path]/events/index.php?PHPSESSID=[md5number]&add=1 \n \nEx: \n \n[+]http://[Target]/[path]/events/index.php?PHPSESSID=e99299396b831fe9226b7d5de21edaff&add=1 \n \nThis page is used to Add New Event and there is a feild \"Details:\" which is prepared for inserting detail of the event. \nWe can inject javascript into this feild as result in \"Stored XSS\". \n \n----------------- \nExample code \n----------------- \n \nDetails: \n \n<textarea rows=\"10\" style=\"width: 99%;\" id=\"descr\" name=\"descr\"/> \n \nNote : - [md5number] is the session id which will generate automatically after we login \n- In order to be the user, must be added by Master Administrator \n \n \n##################################################################### \nGreetz : ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos \nSpecial Thx : asylu3, str0ke, citec.us, milw0rm.com \n##################################################################### \n`\n"}