DomainMod Cross-Site Scripting Vulnerability

Vulnerability ID: 1720869
Vulnerability type: Cross-site scripting
Published: 2019-08-30
Updated: 2019-09-04
CVE ID: CVE-2019-15811
CNNVD-ID: CNNVD-201908-2228
Platform: N/A
CVSS score: N/A
|Vulnerability Source
https://cxsecurity.com/issue/WLB-2019080158
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201908-2228
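|Vulnerability Details
DomainMod is an open-source application, based on PHP and MySQL, for managing domain names and other Internet assets in a central location. A cross-site scripting vulnerability exists in the 'daterange' parameter of the file reporting/domains/cost-by-month.php in DomainMOD 4.13 and earlier. The vulnerability stems from the web application's lack of proper validation of client-supplied data. An attacker can exploit it to execute client-side code.
|Exploit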
# Exploit Title: DomainMod <= 4.13 - Cross-Site Scripting
# Date: 30 August 2019
# Exploit Author: Damian Ebelties (https://zerodays.lol/)
# Vendor Homepage: https://domainmod.org/
# Version: <= 4.13
# Tested on: Ubuntu 18.04.1
# CVE: CVE-2019-15811

The software 'DomainMOD' is vulnerable to Cross-Site Scripting in the
file '/reporting/domains/cost-by-month.php' in the parameter 'daterange'.

As of today (30 August 2019) this issue is unfixed.

Almost all other files that use the parameter 'daterange' are vulnerable.
See: https://github.com/domainmod/domainmod/tree/master/reporting/domains

Proof-of-Concept:

    https://domain.tld/reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(1)%22autofocus=%22
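
The proof-of-concept value is shaped to close a double-quoted HTML attribute, so the mitigation is to validate 'daterange' and encode it for that output context. The PHP below is an added example, not part of the original advisory and not DomainMOD's code; the function names, the input-field markup and the `YYYY-MM-DD - YYYY-MM-DD` format are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration; not DomainMOD source code.
// Assumed format for a valid range: "YYYY-MM-DD - YYYY-MM-DD".
const DATERANGE_RE = '/\A(\d{4})-(\d{2})-(\d{2}) - (\d{4})-(\d{2})-(\d{2})\z/';

/** Return the range if well formed and both dates exist on the calendar, else ''. */
function clean_daterange(string $raw): string
{
    if (preg_match(DATERANGE_RE, $raw, $m) !== 1) {
        return '';
    }
    // checkdate(month, day, year) rejects values such as 2019-02-31.
    if (!checkdate((int)$m[2], (int)$m[3], (int)$m[1])
        || !checkdate((int)$m[5], (int)$m[6], (int)$m[4])) {
        return '';
    }
    return $raw;
}

/** Unsafe pattern: request data concatenated into a double-quoted attribute. */
function render_unsafe(string $raw): string
{
    return '<input type="text" name="daterange" value="' . $raw . '">';
}

/** Hardened: validate first, then encode for the HTML attribute context. */
function render_safe(string $raw): string
{
    $value = htmlspecialchars(clean_daterange($raw), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="daterange" value="' . $value . '">';
}

// Constructed inputs: the decoded value from the proof-of-concept URL, and a valid range.
$samples = [
    urldecode('%22onfocus=%22alert(1)%22autofocus=%22'),
    '2019-08-01 - 2019-08-30',
];
foreach ($samples as $s) {
    echo "unsafe: ", render_unsafe($s), PHP_EOL;
    echo "safe:   ", render_safe($s), PHP_EOL;
}
```

Validation alone would be enough for this one field, but keeping the `htmlspecialchars` call means the output stays safe if the accepted format is later loosened.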
|References

Source: zerodays.lol
Link: https://zerodays.lol/

Source: github.com
Link: https://github.com/domainmod/domainmod/issues/108

Source: nvd.nist.gov
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-15811