Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

smcs 2.x csrf+storage xss #2

Closed
ParadiseCong opened this issue Dec 5, 2018 · 2 comments
Closed

smcs 2.x csrf+storage xss #2

ParadiseCong opened this issue Dec 5, 2018 · 2 comments

Comments

@ParadiseCong
Copy link

An issue was discovered in Sales & Company Management System (SCMS) through 2018-12-05。There is a discrepancy in email checking between a component that does email code validation, and a component
that is the source client validation. Thus, it is possible to update a database query and due to storage xss.

this vulnerable occured via member_email.php
1
Enter an arbitrarily email address and click the button,wait a moment,can receive the validation code.
2
Now,enter the code and update the email payload like this,click the button .
3
capture the package via burp suite and generate the csrf poc
4
click the img tag
5

@attritionorg
Copy link

@ParadiseCong like the other issues you filed, please verify which S-CMS you are testing. I suspect this is Zibo's S-CMS Enterprise Website System.

@Venan24
Copy link
Owner

Venan24 commented Mar 4, 2019

This is not right repository. This repo does not have those issues or the files you are referring to.

@Venan24 Venan24 closed this as completed Mar 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants