priyanksethi
priyanksethi
/ gist:08fb93341cf7e61344aad5c4fee3aa9b
Created
June 5, 2018 14:30
Twonky Server 8.5 has XSS via a modified "language" parameter in the Language section.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Additional Information] | |
| > Steps for reproduction: | |
| > 1. Navigate to System and then move to Language section. | |
| > | |
| > 2. Select the language to "Italiano" | |
| > | |
| > 3. Click on "save changes" and intercept the POST request for the same. | |
| > | |
| > 4. Replace the selected "language" parameter with payload <img src=/ onerror=alert(1)> | |
| > |
priyanksethi
/ gist:48cce2fc4257213c8aca91e3c82a4ad3
Created
April 11, 2018 05:05
Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > [Additional Information] | |
| > Steps for reproduction: | |
| > 1. Navigate to Files "http://localhost/FrogCms/admin/?/plugin/file_manager/browse// " section. | |
| > | |
| > 2. Click on Create New "File" Or "Directory" | |
| > | |
| > 3. Keep the file name as a malicious payload eg: <script>alert(1)</script> | |
| > | |
| > 4. Click "OK" to save and create new file or directory | |
| > |