ZARest POS - restaurant point of sale web application v2.0.0 Stored XSS Injection - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1598180 漏洞类型
发布时间 2019-05-07 更新时间 2019-05-07
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019050060
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
[*] :: Title: ZARest POS - restaurant point of sale web application v2.0.0 Stored XSS Injection
[*] :: Author: QUIXSS
[*] :: Date: 2019-05-07
[*] :: Software: ZARest POS - restaurant point of sale web application v2.0.0
  
[?] :: Technical Details & Description:
# Weak security measures like no input fields data filtering has been discovered in the «ZARest POS - restaurant point of sale web application» web-application. Current version is 2.0.0.

[?] :: Demo Website:
# https://codecanyon.net/item/zarest-pos-restaurant-point-of-sale-web-application/17837041
# Backend: http://www.dar-elweb.com/demos/zarest
# Login/Password (admin): admin/password
# Login/Password (manager): sale/password

[!] :: Special Note:
# After injections you'll see that some blocks on the edited page are broken cause of poor code quality.

[!] :: For developers:
# Disabling any data changes on a demo websites doesn't make your applications more secure. It's good for business and sales but you are simply double-crossing your clients.

[+] :: PoC [Stored XSS Injection]:
# Go to the demo website http://www.dar-elweb.com/demos/zarpos and log in as admin or as a manager. Then go to any page you want and inject your payload in any textfield, cuz they are all not protected. Save the data and your payload will be successfully injected.
# Sample payload: "><script>alert('QUIXSS');</script>