This contains the necessary directories and Dockerfile to replicate A vulnerabality in OURPHP that has a XSS Vulnerability (CVE-2023-30212).
# Creating a Vulnerable Docker Environment (CVE-2023-30212)
`sudo apt install -y docker.io`
# Follow below commands step by step:
**Download the files from this repository using git clone**
`git clone https://github.com/VisDev23/Vulnerable-Docker--CVE-2023-30212-.git` .
This contains necessary directories and dockerfile to replicate the scenario.
After Downloading the files , build a docker image using
`sudo docker build -t <Give_Suitable_Docker_name> . ` .
! Add a name to the Docker image so that it can be called later.
Convert the Docker image into a container by using
`sudo docker run -d -p 80:80 <Docker_Image_Name> ` .
! Here the container port is mapped to port 80.
To see the status of the docker container ,
`sudo docker ps`
After doing these steps,
Enter the localhost and configure OURPHP with following credentials.
Username : root
Password : root
Database Name: data
Now you need to configure username and password for Administrative. Set the following:
So our payload is
add this along with localhost or 127.0.0.1 to trigger XSS.