Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities

EDB-ID:

35197

CVE:





Platform:

PHP

Date:

2014-11-10


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

# Exploit Title: Serenity Client Management Portal Multiple Vulnerabilities
# Date: 08-10-2014
# Exploit Author: Halil Dalabasmaz
# Version: v1.0.1
# Software Link: http://codecanyon.net/item/serenity-client-management-portal/9136098
# Software Test Link: http://www.zenperfectdesign.com/demo/serenity-cc/

# Vulnerabilities Description:

===Unrestricted File Upload===
Login to system and go to "Profile" section. Now you can upload any file or shell file from "Profile Image" section.

Solution
Filter the files aganist to attacks.

===

===Stored XSS===
Login to system and go to "Profile" section. Now you can run any XSS payloads on all profile inputs.

Sample Payload for XSS: "><script>alert(document.cookie);</script>

Solution
Filter the files aganist to attacks.