Car Rental Script – Stored XSS

Hacking articles, Technical Pentesting Tutorials, Website Development tricks | Hacksayan

############################################################################

# Exploit Title: Car Rental Script – Stored XSS

# Date: 11.02.2018

# Exploit Author: Sayan Chatterjee

# Vendor Homepage: https://www.phpscriptsmall.com/

# Software Link: https://www.phpscriptsmall.com/product/car-rental-script/

# Category: Web Application

# Version: 2.0.8

# Tested on: Windows 10

# CVE: CVE-2018-6904

############################################################################

Proof of Concept

=================

URL: https://www.phpscriptsmall.com/product/car-rental-script/

Attack Vector : User Name Payload : <svg/onload=alert(document.cookie)>

Reproduction Steps:

——————————

1. Access the above URL

2. Click on “User Demo”

3. Application will be redirected to http://travelbookingscript.com/demo/taxibooking_new/index.php

4. Goto “Register” and Create a New User

5. Now Login into the application and Click on : My Account ”

6. Click on “Edit Profile” -> Select “User Name” and inject <svg/onload=alert(document.cookie)>

7. Persistent XSS will be executed.

#CVE #exploitdb #nse

Facebook
Twitter
Email
Print

Leave a Reply

Your email address will not be published. Required fields are marked *

Newsletter

Sign up our newsletter to get update information, news and free insight.