Qcubed - Cross-Site Scripting

By kannthu

Severity: High
Vidoc Module
#xss #qcubed
Description

What is "Qcubed - Cross-Site Scripting"?

The "Qcubed - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the Qcubed software. Qcubed is a web development framework that allows developers to create PHP-based applications. This vulnerability can be exploited by a remote attacker to inject arbitrary JavaScript code into the application.

This vulnerability is classified as CWE-79 and has a severity rating of high. It has a CVSS score of 7.2, indicating a significant impact on the confidentiality and integrity of the affected application.

This module was authored by pikpikcu.

Impact

If successfully exploited, this cross-site scripting vulnerability can allow an attacker to execute arbitrary JavaScript code within the context of the vulnerable application. This can lead to various security risks, including session hijacking, defacement of web pages, and theft of sensitive user information.

How does the module work?

The "Qcubed - Cross-Site Scripting" module works by sending HTTP requests to specific endpoints in the Qcubed application. It then applies matching conditions to determine if the vulnerability is present.

One example of an HTTP request sent by this module is:

GET /assets/php/_devtools/installer/step_2.php?installation_path=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E

The module applies the following matching conditions:

- The response body must contain the string "</script><script>alert(document.domain)</script>"
- The HTTP response status must be 200
- The response header must contain the string "text/html"

If all of these conditions are met, the module reports a vulnerability.
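The three matching conditions above, applied to constructed responses, as an added example that is not part of the Vidoc module. The function names and the sample responses are assumptions made for illustration; the example shows that an HTML-escaped reflection, a non-200 status, or a non-HTML content type each prevents a report.

```python
from html import escape
from urllib.parse import parse_qs, urlsplit

# Request path and query string as shown on the page.
REQUEST_PATH = ("/assets/php/_devtools/installer/step_2.php?installation_path="
                "%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E")
# Body word from the page's matching conditions.
WORD = "</script><script>alert(document.domain)</script>"


def decoded_payload(path=REQUEST_PATH):
    """URL-decode the installation_path value the module sends."""
    return parse_qs(urlsplit(path).query)["installation_path"][0]


def module_matches(status, headers, body):
    """AND of the three conditions: body word, status 200, text/html in the headers."""
    header_blob = "\n".join(f"{k}: {v}" for k, v in headers.items())
    return WORD in body and status == 200 and "text/html" in header_blob


def classify(responses):
    """Map each named response to True (reported) or False (not reported)."""
    return {name: module_matches(*resp) for name, resp in responses.items()}


# Constructed responses for illustration (not captured from a real Qcubed install).
P = decoded_payload()
HTML = {"Content-Type": "text/html; charset=UTF-8"}
SAMPLES = {
    # Value echoed without encoding: the markup survives intact.
    "raw_reflection": (200, HTML, f'<input name="installation_path" value="{P}">'),
    # Value HTML-encoded on output: the literal word no longer appears.
    "escaped_reflection": (200, HTML, f'<input value="{escape(P)}">'),
    # Reflection on an error page: fails the status condition.
    "reflected_in_404": (404, HTML, f"<p>Not found: {P}</p>"),
    # Reflection in a non-HTML response: fails the header condition.
    "reflected_as_json": (200, {"Content-Type": "application/json"}, f'{{"path": "{P}"}}'),
}

if __name__ == "__main__":
    for name, hit in classify(SAMPLES).items():
        print(f"{name:20} -> {'report' if hit else 'no match'}")
```

Only the unencoded reflection in a 200 text/html response is reported, which is why output encoding of the `installation_path` value is enough to clear this check.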

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /assets/php/_devtool... /qcubed/assets/php/_...
Matching conditions
word: </script><script>alert(document.domain)<... and
status: 200 and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability