DedeCMS 5.7 - Cross-Site Scripting

By kannthu

High
Vidoc Module
#dedecms #xss
Description

What is "DedeCMS 5.7 - Cross-Site Scripting"?

The "DedeCMS 5.7 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the DedeCMS 5.7 software. DedeCMS is a popular content management system used for building websites. This vulnerability has a high severity level, indicating the potential for significant impact if exploited. The original author of this module is ritikchaddha.

Impact

A cross-site scripting vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users. In the case of DedeCMS 5.7, this vulnerability exists in the '/include/dialog/config.php' file. If successfully exploited, an attacker can execute arbitrary scripts in the browser of an unsuspecting user. This can lead to various consequences, such as stealing sensitive information, session hijacking, or defacing the website.

How does the module work?

The module works by sending a specific HTTP request to the target website and then analyzing the response. It checks for three matching conditions:

    - The response body contains the string "location='../../</script><script>alert(document.domain)</script>'".
    - The response header contains the string "text/html".
    - The response status code is 200 (OK).

If all three conditions are met, the module identifies the presence of the cross-site scripting vulnerability in the target website.
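The three-condition check described above, written out as an added example (not the module's own definition) and run over constructed responses to show which condition rules out each non-finding. The `Response` type, the `evaluate` function and the sample responses are assumptions made for this illustration.

```python
from dataclasses import dataclass, field

# Matcher values copied from the module description above.
BODY_WORD = "location='../../</script><script>alert(document.domain)</script>'"
HEADER_WORD = "text/html"
EXPECTED_STATUS = 200


@dataclass
class Response:
    """Hypothetical stand-in for a captured HTTP response."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def evaluate(resp: Response) -> dict:
    """Evaluate each matcher, then AND the three results together."""
    header_blob = "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    results = {
        "body_word": BODY_WORD in resp.body,        # payload reflected unencoded
        "header_word": HEADER_WORD in header_blob,  # response is served as HTML
        "status": resp.status == EXPECTED_STATUS,   # normal page, not an error page
    }
    results["vulnerable"] = all(results.values())
    return results


# Constructed sample responses (not captured from a real site).
SAMPLES = {
    "reflected_unencoded": Response(200, {"Content-Type": "text/html; charset=utf-8"},
        "<script>location='../../</script><script>alert(document.domain)</script>';</script>"),
    "reflected_html_encoded": Response(200, {"Content-Type": "text/html"},
        "<script>location='../../&lt;/script&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;';</script>"),
    "reflected_as_json": Response(200, {"Content-Type": "application/json"},
        '{"msg": "location=\'../../</script><script>alert(document.domain)</script>\'"}'),
    "error_page_echo": Response(403, {"Content-Type": "text/html"},
        "Blocked: location='../../</script><script>alert(document.domain)</script>'"),
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(name, evaluate(resp))
```

Only the first sample satisfies all three matchers; each of the others fails exactly one, which is why the module combines them with "and".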

Example HTTP request:

GET /include/dialog/config.php?adminDirHand=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1
Host: example.com

Please note that this description provides a simplified explanation of the module's functionality. The actual module definition contains more detailed JSON definitions and additional matching conditions.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /include/dialog/conf...
Matching conditions
word: location='../../</script><script>alert(d... and
word: text/html and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability