# Exploit Title: Advanced Real Estate Script -4.0.9- has Stored XSS
# Date: 04.08.2018
# Site Title : Realestate
# Vendor Homepage: https://www.phpscriptsmall.com/
# Software Link : https://www.phpscriptsmall.com/product/advanced-real-estate-script/
# Category: Web Application
# Version: 4.0.9
# Exploit Author: Vikas Chaudhary
# Contact: https://gkaim.com/contact-us/
# Web: https://gkaim.com/
# Published on : https://gkaim.com/cve-2018-15189-vikas-chaudhary/
# Tested on: Windows 10 -Firefox
# CVE- CVE-2018-15189

*****************************
# VENDOR SUMMARY :- PHP Scripts Mall Pvt. Ltd. is a professional software selling portal offering wide range of innovative.
PHP Scripts Mall is a leading business and technology firm with 12 years of successful track record
in completion and implementation of numerous projects in various verticals and domains..
It has 300 plus PHP scripts ready to buy.

# DESCRIPTION :- XSS, is a way of bypassing the SOP concept. Whenever HTML code is generated dynamically,
and the user input is not sanitized and is reflected on the page an attacker could insert his own HTML code.
The web browser will still show the user’s code since it pertains to the website where it is injected.
Stored XSS Vulnerability is found in Specified Vendor .By storing a payload there,
an admin or guest user can be attacked by an attacker
without tricking them to visit a malicious web
site or clicking on any malicious link.

***********************

Proof of Concept:-
————————-
1. Go to site
2- Click on => Sign In /Join => and then fill the Form using your mail id ,
3- Now fill the Captcha and click on submit
4- Goto your mail and Verify it.
5- Now come back to site and Sign in using your Verified mail and Password.
6- Go to Profile =>Edit Profile and Put this Script in Name

“><img src=x onerror=prompt(/VIKAS/)>

and click on Update

7- You will having a popup of /VIKAS/ when you refresh the page ..