- Exploit Title: Travel Journal App - Cross Site Scripting
- Date: 2024-20-01
- Exploit Author: Tuba Kavgacı
- Vendor Homepage: https://www.sourcecodester.com/php/17115/travel-journal-using-php-and-mysql-source-code.html
- Software Link: https://www.sourcecodester.com/download-code?nid=17115&title=Travel+Journal+Using+PHP+and+MySQL+with+Source+Code
- Version: 1.0
- Tested on: Windows 11 Home + PHP 8.2.12, Apache 2.4.58
- CVE: CVE-2024-24041
- https://www.cve.org/CVERecord?id=CVE-2024-24041
- https://vuldb.com/fr/?id.252597
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24041
- https://www.security-database.com/detail.php?alert=CVE-2024-24041
- https://portswigger.net/web-security/cross-site-scripting
Travel Journal App 1.0 allows mirrored cross-site scripting of the 'Location' and 'Share your monents' form's in the path http://localhost/travel-journal/write-journal.php. Travel Journal App is vulnerable to a cross-site scripting vulnerability because it fails to adequately sanitise user-supplied data.
An attacker could exploit this issue to run arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow an attacker to steal cookie-based authentication credentials and launch other attacks.
- Go to 'Write Journal'.
- Go to the 'Location' or 'Share your monents' forms and use the following payloads:
<script>alert(document.cookie)</script>and<script>alert(document.domain)</script> - Then click 'Save Journal'.
- XSS will be loaded.
- Go to the 'Read Journal' section and click.
- Warnings will pop up.
1:
2:
3:
4:
5:
6:
