• Sayan Chatterjee

Website Broker Script – Stored XSS

############################################################################


# Exploit Title: Website Broker Script – Stored XSS

# Date: 11.02.2018

# Exploit Author: Sayan Chatterjee

# Vendor Homepage: https://www.phpscriptsmall.com/

# Software Link: https://www.phpscriptsmall.com/product/website-broker-script/

# Category: Web Application

# Version: 3.0.6

# Tested on: Windows 10

# CVE: CVE-2018-6900


############################################################################


Proof of Concept

=================


URL: https://www.phpscriptsmall.com/product/website-broker-script/

Attack Vector : Last Name

Payload : <svg/onload=alert(document.cookie)>


Reproduction Steps:

——————————


1. Access the above URL

2. Click on “User Demo:

3. Application will be redirected to http://74.124.215.220/~clienemo/prabha/flippa-clone/

4. Go to “Register” and Create a New User

5. Now Login into the application and Click on : My Account ”

6. Click on “Edit Profile” -> Select “Last Name” field and inject <svg/onload=alert(document.cookie)>

7. Persistent XSS will be executed.



#CVE #exploitdb #nse

1 view
 

©2020 by hacksayan.