Ad Rotator AdPeeps 8.6.9 Persistent XSS Vulnerability

Advisory: Ad Rotator AdPeeps 8.6.9 Persistent XSS Vulnerability 
Version:8.6.9
Vendor URL: http://adpeeps.com/
Demo Link:http://demo.adpeeps.com/

Author: Viknesvaran Sittaramane
Category: Webapp  
Twiiter: https://twitter.com/csvsn    
 
~.~.~.~.~.~.~.~.~.~.~.
Product Description
~.~.~.~.~.~.~.~.~.~.~.
 Ad Peeps is a banner rotator and text ad server - all in one that allows you to fully automate displaying, selling and managing banner advertisement, rich-media/flash ads and text ads on your website. Built using PHP/MYSQL, Ad Peeps provides you and your advertisers with highly detailed real-time statistics and is capable of delivering millions of impressions on a typical shared ad server. 

~.~.~.~.~.~.~.~.~.~.~.~.~
Vulnerability Description
~.~.~.~.~.~.~.~.~.~.~.~.~
 
Ad Peeps suffers from Persistent Cross site Vulnerability

~.~.~.~.~.~.
PoC-Exploit
~.~.~.~.~.~.

Step1 : Go to View Visitor Log -> Click any one of Ad Number -> Edit Setting ->Add New Text add 

Demo url :http://demo.adpeeps.com/index.php?loc=createadvertad&uid=100000&campaignid=1105&adno=99&adtype=banner

Step2 : Enter the malicious script on those fields and save all changes

Step3 : Persistent Cross site script is Confirmed
 
Parameter used : '"--><script>alert(0x000872)</script>

Screenshot -> http://i49.tinypic.com/xq077.png

#  0day.today [2018-01-01]  #