
46 matches found

Packet Storm
added 2024/02/21 12:00 a.m., 347 views

WEBIGniter 28.7.23 Cross Site Scripting

Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Date: 19/10/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE :...

7.4 AI score
Exploits: 0

Huntr
added 2023/08/14 7:12 a.m., 18 views

New password can be set as same as the old password

Description: The web application allows us to set the new password to the same value as the old one in the Password change function. Detail: 1/ Access the demo website and go to My profile. 2/ Choose Edit profile; at the Security tab, change the password with the new password and the old password being the same. 3/ Logout...

4 CVSS, 7.1 AI score, 0.00072 EPSS
Exploits: 0

Huntr
added 2023/07/17 1:50 a.m., 10 views

Reflected XSS at upload file

Description: 1/ Access the demo website and log in; in this case I used the user admin. 2/ In the function for uploading a photo to an album, try to upload a file whose name is an XSS payload. 3/ The payload will be triggered in the error content. Proof of Concept: Video PoC:...

7 AI score
Exploits: 0

Openbugbounty
added 2023/03/18 7:03 p.m., 14 views

demo.ilocalweb.com.au Cross Site Scripting vulnerability OBB-3226636

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0

Huntr
added 2022/12/23 1:43 a.m., 51 views

Weak password at demo website version 3.1.9

Description: The demo website is now version 3.1.9 but is still affected by a weak password requirement. Proof of Concept: 1. Log in to the demo website with any user. 2. Use the "Change password" function and set the new password to the number 1. 3. It's successful; try to re-login to check it...

7.5 CVSS, 9.2 AI score, 0.00796 EPSS
Exploits: 0

Huntr
added 2022/12/21 8:30 a.m., 21 views

Stored XSS in multiple menus

Description: The demo website is affected by stored XSS in multiple menus. Proof of Concept 01: 1. Access the demo website http://demos4.softaculous.com/ 2. Log in with the admin user they provide, press the Uploader menu and, in the Uploader tab, try to upload any file, then choose the Media manager tab. 3...

4.9 CVSS, 5.5 AI score, 0.00261 EPSS
Exploits: 1

Huntr
added 2022/09/09 8:02 a.m., 18 views

Password can be set extremely weak

Description: In this scenario, I use the demo website. It allows us to add more users to test. For the password, we can set it to 1 or any character. There is no policy for passwords and no password checking. Moreover, it also allows us to change the password, and the new password can also be set with password...

6.5 CVSS, 1.1 AI score, 0.00287 EPSS
Exploits: 1

Openbugbounty
added 2022/08/14 5:15 p.m., 18 views

demo.myext.ru Cross Site Scripting vulnerability OBB-2846522

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0

OSSF Malicious Packages
added 2022/06/20 8:26 p.m., 0 views

Malicious code in ayalon-demo-website-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19a8e8fa18dc522718907d033a494ba3caeb4164e641ae7dc4ab866c88cb8886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0, References: 1

OSV
added 2022/06/20 8:26 p.m., 4 views

MAL-2022-1215 Malicious code in ayalon-demo-website-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19a8e8fa18dc522718907d033a494ba3caeb4164e641ae7dc4ab866c88cb8886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0, References: 1

Huntr
added 2022/05/31 4:17 a.m., 15 views

Cross-site Scripting (XSS) - Stored

Description: Stored Cross-Site Scripting (XSS) vulnerability due to the lack of content validation and output encoding. Proof of Concept: 1. Access the demo website https://demo.syspass.org and log in with an account. 2. Create a new account; in the URL/IP field, input https://google.com"...

0.2 AI score
Exploits: 0

Openbugbounty
added 2022/02/16 4:23 a.m., 15 views

demo.yoursuperstores.com Cross Site Scripting vulnerability OBB-2373919

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0

Openbugbounty
added 2021/10/08 2:52 a.m., 18 views

demo.yolotheme.com Cross Site Scripting vulnerability OBB-2159333

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

Exploits: 0

Huntr
added 2021/07/21 8:15 a.m., 8 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description: In the Ticket section, you protect tickets from being deleted with CSRF attacks, but if I set the CSRF token to nothing then I am able to delete arbitrary tickets only by knowing their "trackid" parameter. 🕵️‍♂️ Proof of Concept: // PoC.html history.pushState'', '', '/' 💥 Impact: This...

4.3 AI score
Exploits: 0

wpexploit
added 2020/01/14 12:00 a.m., 107 views

Real Estate 7 < 2.9.5 - Multiple Vulnerabilities

Multiple vulnerabilities were discovered in the 'Real Estate 7 WordPress', tested version — v2.9.4: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - Authenticated Persistent Self-XSS - IDOR - Information Exposure Edit WPScanTeam: January 12th - Report Received & Envato Contacted...

6.6 AI score
Exploits: 0, References: 2

wpexploit
added 2020/01/13 12:00 a.m., 32 views

Travel Booking < 2.7.8.6 - Reflected & Persistent XSS Issues

Reflected & Persistent XSS vulnerabilities were discovered in the 'Travel Booking WordPress Theme', tested version — v2.7.8.5 Edit WPScanTeam: January 11th, 2020 - Report received & Envato contacted January 12th, 2020 - Report updated with Reflected XSS, Envato notified again. January 12th, 2020 -...

0.1 AI score
Exploits: 0, References: 2

WPVulnDB
added 2020/01/11 12:00 a.m., 24 views

Houzez < 1.8.4 - Unauthenticated Cross-Site Scripting (XSS)

Two Reflected XSS vulnerabilities were discovered in the «Houzez - Real Estate WordPress Theme», tested version — v1.8.3.1 Edit WPScanTeam: January 11th, 2020 - Report received & Envato Contacted January 12th, 2020 - Envato Investigating January 27th, 2020 - v1.8.4 released, fixing the issue. PoC...

6.2 AI score
Exploits: 0, References: 2, Affected Software: 1

wpexploit
added 2020/01/09 12:00 a.m., 65 views

TownHub < 1.0.6 - Multiple Vulnerabilities

Multiple vulnerabilities were discovered in the 'TownHub - Directory & Listing WordPress Theme', tested version — v1.0.2: - Unauthenticated XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27th, 2019 - Envato Contacted January 5th, 2020 - Envato Investigating January 6th, 2020 -...

6.4 CVSS, 6.5 AI score, 0.00993 EPSS
Exploits: 7, References: 1

wpexploit
added 2020/01/09 12:00 a.m., 42 views

CityBook < 2.3.4 - Multiple Vulnerabilities

Multiple vulnerabilities were discovered in the 'CityBook - Directory & Listing WordPress Theme', tested version — v2.3.3: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27th, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January...

6.4 CVSS, 6.5 AI score, 0.00993 EPSS
Exploits: 7, References: 1

wpexploit
added 2019/07/29 12:00 a.m., 12 views

Real Estate 7 < 2.9.1 - Stored XSS & IDOR

The 'Real Estate 7' premium WordPress theme is vulnerable to persistent XSS injection that allows an attacker to inject JavaScript or HTML code into the website front-end. There is also an Insecure Direct Object Reference issue, allowing unauthorized users to edit listings they should not have...

6.7 AI score
Exploits: 0, References: 3