# Exploit Title: CWP (CentOS Control Web Panel) Store Cross Site Scripting  
# Date: 25 Oct 2019  
# Exploit Author: Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak  
# Vendor Homepage: https://control-webpanel.com/  
# Version: 0.9.8.885  
# CVE : CVE-2019-16295  
  
+++++++++++++++++++++++++++++++++  
# Description:  
+++++++++++++++++++++++++++++++++  
  
A user can store an XSS payload in the directory name, filename, or file extension through the "File Manager" function; the payload executes when the listing is rendered.  
  
+++++++++++++++++++++++++++++++++  
# Steps to Reproduce  
+++++++++++++++++++++++++++++++++  
  
1. In user panel go to File Management --> File Manager  
2. Go to "Create Directory" or "Create File" and insert XSS payload "<img src=x onerror=javascript&colon;alert&lpar;document&period;cookie&rpar;>"   
3. XSS will trigger.  
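The root cause described above is a stored name (directory, file, or extension) being echoed into the file-manager page without output encoding. The following is an added illustration of the defensive pattern, not code from CWP or from the advisory authors: an allowlist check on new names at creation time, and HTML escaping when a listing row is rendered. The function names, the row template, and the sample names are assumptions constructed for this example; the second sample name is the advisory's own payload.

```python
import html
import re

# Constructed sample of stored names as they might come back from the filesystem.
# The second entry is the payload quoted in the advisory.
SAMPLE_NAMES = [
    "report.txt",
    "<img src=x onerror=javascript&colon;alert&lpar;document&period;cookie&rpar;>",
    'a"b.txt',
]

# Allowlist for names accepted by a hypothetical "Create File"/"Create Directory" handler:
# letters, digits, dot, underscore, hyphen; no path separators, quotes, angle brackets or ampersands.
SAFE_NAME = re.compile(r"^[A-Za-z0-9._-]{1,255}$")


def is_valid_name(name: str) -> bool:
    """Input-side control: reject anything outside the allowlist, plus '.' and '..'."""
    if not SAFE_NAME.fullmatch(name):
        return False
    if name in (".", ".."):
        return False
    return True


def render_entry(name: str) -> str:
    """Output-side control: escape the name before placing it in HTML text and attribute context.

    html.escape with quote=True converts & < > " ' to entities, so an already
    entity-encoded payload (e.g. '&colon;') becomes '&amp;colon;' and is shown as text.
    """
    safe = html.escape(name, quote=True)
    return f'<tr><td data-name="{safe}">{safe}</td></tr>'


def render_listing(names) -> str:
    """Render a whole listing; every row goes through render_entry."""
    return "<table>" + "".join(render_entry(n) for n in names) + "</table>"


def contains_raw_img_tag(rendered: str) -> bool:
    """Sanity check for the rendered page: a literal '<img' means escaping was bypassed."""
    return "<img" in rendered


if __name__ == "__main__":
    for n in SAMPLE_NAMES:
        print(f"{n!r}: valid={is_valid_name(n)}")
    page = render_listing(SAMPLE_NAMES)
    print(page)
    print("raw <img> present:", contains_raw_img_tag(page))
```

Both controls matter: the allowlist stops the payload from being stored through the panel, and output escaping protects the listing against names that reach the filesystem by other routes (FTP, SSH, an earlier unpatched version).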
  
+++++++++++++++++++++++++++++++++  
# PoC  
+++++++++++++++++++++++++++++++++  
  
https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-16295.md  
  
+++++++++++++++++++++++++++++++++  
# Timeline  
+++++++++++++++++++++++++++++++++  
  
2019-07-19: Discovered the bug  
2019-07-19: Reported to vendor  
2019-07-23: Vendor accepted the vulnerability  
2019-10-23: The vulnerability has been fixed  
2019-10-25: Advisory published  
  
+++++++++++++++++++++++++++++++++  
# Discovered by  
+++++++++++++++++++++++++++++++++  
  
Pongtorn Angsuchotmetee  
Nissana Sirijirakal  
Narin Boonwasanarak