Lucene search
Samrat Das1337DAY-ID-29846HistoryFeb 20, 2018 - 12:00 a.m.
October CMS < 1.0.431 - Cross-Site Scripting Vulnerability
2018-02-2000:00:00
Samrat Das
0day.today
30
0.001 Low
EPSS
Percentile
33.5%
Exploit for php platform in category web applications
# Exploit Title: October CMS Stored Code Injection
# Exploit Author: Samrat Das
# Contact: http://twitter.com/Samrat_Das93
# Website: https://securitywarrior9.blogspot.in/
# Vendor Homepage: *https://octobercms.com/ <https://octobercms.com/>*
# Version: All versions till date from 1.0.431
# CVE : CVE- 2018-7198
# Category: WebApp CMS
1. Description
The application source code is coded in a way which allows malicious
crafted HTML commands to be executed without input validation
2. Proof of Concept
1. Visit the application
2. Visit the Add posts page
3. Goto edit function, add any html based payload and its gets stored and executed subsequently.
Proof of Concept
Steps to Reproduce:
1. Create any HTML based payload such as:
Username:<input type=text> <br>
Password: <input type=text> <br>
<button type="button">Login</button>
2. This hosted page with form action implemented upon clicked by user will lead to exfiltration of credentials apart from performing a host of other actions such as stored xss and another similiar attacks.
3. Solution:
Implement through input validation to reject unsafe html input.
# 0day.today [2018-03-28] #Related
osv
osv
CVE-2018-7198
2018-02-18 03:29:00
October CMS - RainLab Blog Plugin XSS
2022-05-13 01:24:44
cve
cve
CVE-2018-7198
2018-02-18 03:29:00
nvd
nvd
CVE-2018-7198
2018-02-18 03:29:00
github
github
October CMS - RainLab Blog Plugin XSS
2022-05-13 01:24:44
prion
prion
Deserialization of untrusted data
2018-02-18 03:29:00
cvelist
cvelist
CVE-2018-7198
2018-02-18 03:00:00
packetstorm
packetstorm
October CMS Cross Site Scripting
2018-02-19 00:00:00