Jump to content
Sign in to follow this  
KhiZaRix

Question2Answer 1.7 Cross Site Scripting

Recommended Posts

######################################################################

[+] Title: Script Question2Answer 1.7 - Stored XSS Vulnerability

[+] Author: s0w

[+] Tested On Windows & Linux

[+] Date: 21/03/2015

[+] Type: Web Application

[+] Script Download: https://github.com/q2a/question2answer

[+] Vendor Homepage: Question2Answer - Free Open Source Q&A Software for PHP

[+] Vulnerability in:\qa-include\pages\question.php

[+] Google Dork : intext:"Powered by Question2Answer"

#######################################################################

[+] As shown in the code, the value of 'title' and 'textbody' not filtered

by 'htmlspecialcharts'

which cause stored xss and same in data-store in webserver SQL commands

.

[+] Exploit :

1. Browse application in browser ..

2. Add new question with xss code like alert method ;)

3. submit the new question to viewers ..

4. complete next steps as xss in tag,body,title,.. etc ..

5. Finally submit your Qes ..

6. Test your target in main page ./index.php ..

7. Use this in Cookies,alerts, Or TrafficBots :D Have Fun !!

[+] XSS Pattern can be used: '"<script>alert(/s0w/)</script>

[+] Demo Video : Script Question2Answer - Stored XSS Vulnerability - YouTube

[+] Demo Target :

???? ?????

# Discovered By: s0w

# Contact: fb.me/s0w.egy

# Mail: s0wxp0c@gmail.com

?#? Greetz? To Egyptian Shell team | Sec4ever ?#

Source:http://dl.packetstormsecurity.net/1503-exploits/question2answer-xss.txt

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...