Vulners
Lucene search
PHProjekt PhpSimplyGest / MyProjects 1.3.0 Cross Site Scripting Vulnerability
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | CVE-2022-27308 | 9 May 202218:15 | – | attackerkb |
 | CVE-2022-27308 | 16 May 202219:03 | – | circl |
 | PHProjekt MyProjects 跨站脚本漏洞 | 5 May 202200:00 | – | cnnvd |
 | PHProjekt MyProjects Cross-Site Scripting Vulnerability | 9 May 202200:00 | – | cnvd |
 | CVE-2022-27308 | 9 May 202217:29 | – | cve |
 | CVE-2022-27308 | 9 May 202217:29 | – | cvelist |
 | PHProjekt PhpSimplyGest v1.3. - Stored Cross-Site Scripting (XSS) | 11 May 202200:00 | – | exploitdb |
 | EUVD-2022-31814 | 3 Oct 202520:07 | – | euvd |
 | CVE-2022-27308 | 9 May 202218:15 | – | nvd |
 | PHProjekt PhpSimplyGest / MyProjects 1.3.0 Cross Site Scripting | 5 May 202200:00 | – | packetstorm |
10
# Exploit Title: PHProjekt (PhpSimplyGest / MyProjects, 1.3.0) - Stored XSS (Cross-Site Scripting)
# Exploit Author: Andrea Intilangelo
# Vendor Homepage: http://www.phprojekt.altervista.org (removed demo was at http://phprojekt.altervista.org/phpsimplygest130)
# Software Link: https://github.com/robyfofo/MyProjects (original PhpSimplyGest https://github.com/robyfofo/PhpSimplyGest now merged/renamed into MyProjects)
# Version: 1.3
# Tested on: Latest Version of Desktop Web Browsers (ATTOW: Firefox 100.0, Microsoft Edge 101.0.1210.32)
# CVE: CVE-2022-27308
Description:
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 (and related products from same vendor, like "MyProjects") allows
attacker to execute arbitrary web scripts or HTML.
Injecting persistent javascript code inside the title description (or content) while creating a project, todo, timecard, estimates, report or finding,
it will be triggered once page gets loaded.
Steps to reproduce:
Click on Projects and add or edit an existing one,
Insert the following PoC inside the Title
<<SCRIPT>alert("XSS here");//\<</SCRIPT>
Click on 'Send'.
If a user visits the website dashboard, as well as project summary page, the javascript code will be rendered.
Timeline:
2022-01-08: Vulnerability discovered.
2022-01-08: Vendor contacted.
2022-02-09: No reply, vendor contacted for 2nd time.
2022-02-18: Request for CVE reservation.
2022-04-27: Assigned CVE number 2022-27308.
2022-05-02: No reply, vendor contacted for 3rd time.
2022-05-05: Public disclosure.
PoC Screenshots:
https://imagebin.ca/v/6g5OFET1pyZB
https://imagebin.ca/v/6g6qLRC3X5ky
https://postimg.cc/qgc19rg0
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 May 2022 00:00Current
0.2Low risk
Vulners AI Score0.2
CVSS 23.5
CVSS 3.15.4
EPSS0.01028