Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Calendar Script Easy Membership Management Application Persistent XSS Vulnerability

🗓️ 15 Jan 2013 00:00:00Reported by Viknesvaran SittaramaneType 
zdt
 zdt🔗 0day.today👁 22 Views

Calendar Script Easy Membership Management Application Persistent XSS Vulnerability in E.M.M.

Code
Advisory:Calendar Script Easy Membership Management Application(E.M.M.A) Persistent XSS Vulnerability
Version:1.2
Vendor URL: http://calendarscripts.info/emma/
Demo Link: http://demo.pimteam.net/emma/admin.php

Author: Viknesvaran Sittaramane
Category: Webapp  
Twiiter: https://twitter.com/csvsn
 
~.~.~.~.~.~.~.~.~.~.~.
Product Description
~.~.~.~.~.~.~.~.~.~.~.

E.M.M.A. Is Easy Membership Management Application

Features:
Create different subscription plans
Select subscription plan for every content
Upload protected pages, images and downloadable files
Your users can renew or upgrade their subscriptions any time
~.~.~.~.~.~.~.~.~.~.~.
Vulnerability Description
~.~.~.~.~.~.~.~.~.~.~.
 
 E.M.M.A multiple fields suffers from Persistent XSS Vulnerability

~.~.~.~.~.~.
PoC-Exploit
~.~.~.~.~.~.

----------------------
Front End of E.M.M.A :
----------------------
Step1: Go to the Registration form

Registration Demo url : http://demo.pimteam.net/emma/index.php?action=register

Step2: On the fields Name, Address, Buiness name,Tel, Mob, Test Field, Association enter the malicious script then SIGN UP

Step3: Login using the registered email and password -> Go to Edit Profile -> Pop Up Appears

Step4: Persistant XSS Confirmed

Parameter used : '"--><script>alert(0x000872)</script>

Screenshot: http://i47.tinypic.com/wvve4o.png

--------------------------------
Administrator Panel of E.M.M.A :
--------------------------------
Demo URL for E.M.M.A Administrator Panel : http://demo.pimteam.net/emma/admin.php?1358152765

Step1: Login to E.M.M.A

Step2:Under Manage users Tab (Manage users)
a.Edit any Username and replace username with a malicious script and Save it (Same goes to Create new user)
b. A Pop up appears -> Persistent XSS

Step3:Under Manage Site Tab (Content Categories) 
a.Under name field insert a malicious script and Save it (Add Category)
b. A Pop up appears -> Persistent XSS

Step4:Under Manage Site Tab (Manage Contents->Click here to Upload Contents) 
a.Content/page title and description field insert a malicious script and Save it (Add Plan)
b. A Pop up appears -> Persistent XSS


Step5:Under Manage Site Tab (Subscription Plans) 
a.Under Plane name field insert a malicious script and Save it 
b. A Pop up appears -> Persistent XSS

Parameter used : '"--><script>alert(0x000872)</script>

#  0day.today [2018-02-17]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
15 Jan 2013 00:00Current
7.1High risk
Vulners AI Score7.1
webapppersistent xssvulnerabilitysubscription plansmanage usersmanage site tabedit profileadministrator panelregistration form
22