0day.today - Il più grande database di exploit nel mondo.
![](/img/logo_green.jpg)
Utilizziamo un dominio principale DOMAIN_LINK
Se vuoi acquistare l'exploit o ottenerlo, devi comprare i Gold. Non vogliamo che utilizzi i tool di hacking per atttività illecite sul nostro sito web, quindi ogni azione può avere effetti illegali su utenti e sul nostro sito web verrai bannato. ed il tuo account con i tuoi dati verranno distrutti.
L'amministrazione del sito usa contatti ufficiali. Attenzione agli istruttori!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Leggere il [ accordo ]
- Leggere il [ Submit ] regole
- Visita il [ faq ] page
- [ Registrati ] profilo
- ottieni [ Oro ]
- Se vuoi [ vendere ]
- Se vuoi [ comprare ]
- se hai perso [ Account ]
- Qualsiasi domanda [ [email protected] ]
- Autorizzazione della Pagina
- Registrazione della pagina
- Ripristina l'account della pagina
- FAQ pagina
- Pagina dei contatti
- Regole di pubblicazione
- Pagina degli accordi
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Ci puoi contattare tramite:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Composr CMS 10.0.30 - Persistent Cross-Site Scripting Vulnerability
Autore
Rischio
![](/img/risk/critlow_3.gif)
Security Risk High
]0day-ID
Categoria
Data inserimento
Piattaforma
# Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting # Author: Manuel Garcia Cardenas # Vendor: https://compo.sr/ # CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last revised: May 21, 2020 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) - CVE-ID: CVE-2020-8789 ============================================= I. VULNERABILITY ------------------------- Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting II. BACKGROUND ------------------------- Composr CMS (or Composr) is a web application for creating websites. It is a combination of a Web content management system and Online community (Social Networking) software. Composr is licensed as free software and primarily written in the PHP programming language. III. DESCRIPTION ------------------------- Has been detected a Persistent XSS vulnerability in Composr CMS, that allows the execution of arbitrary HTML/script code to be executed in the context of the victim user's browser. IV. PROOF OF CONCEPT ------------------------- Go to: Security -> Usergroups -> Edit Usergroup Select one Usergroup (for example Guest) and edit the Name (parameter name) for example with Guests"><script>alert(1)</script> The variable "name" it is not sanitized, later, if some user visit the "Zone editor" area, the XSS is executed, in the response you can view: <input type="hidden" name="label_for__access_1" value="Access for Guests"><script>alert(1)</script>" /> V. BUSINESS IMPACT ------------------------- An attacker can execute arbitrary HTML or Javascript code in a targeted user's browser, this can leverage to steal sensitive information as user credentials, personal data, etc. VI. SYSTEMS AFFECTED ------------------------- Composr CMS <= 10.0.30 VII. SOLUTION ------------------------- Disable until a fix is available. VIII. REFERENCES ------------------------- https://compo.sr/ IX. CREDITS ------------------------- This vulnerability has been discovered and reported by Manuel Garcia Cardenas (advidsec (at) gmail (dot) com). X. REVISION HISTORY ------------------------- February 06, 2020 1: Initial release May 21, 2020 2: Last revision XI. DISCLOSURE TIMELINE ------------------------- February 06, 2020 1: Vulnerability acquired by Manuel Garcia Cardenas February 06, 2020 2: Send to vendor April 06, 2020 3: New request, vendor doesn't answer. May 21, 2020 4: Sent to lists XII. LEGAL NOTICES ------------------------- The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. XIII. ABOUT ------------------------- Manuel Garcia Cardenas Pentester # 0day.today [2024-06-30] #