Home / os / winmobile

Ultimate HR System 1.2 Cross Site Scripting / Directory Traversal

Posted on 07 September 2017

# Exploit Title: HRM - Workable Zone : Ultimate HR System <= 1.2 - Unauthenticated Directory Traversal / Stored XSS # Date: 2017-09-05 # Exploit Author: 8bitsec # Vendor Homepage: http://workablezone.com # Software Link: https://codecanyon.net/item/hrm-workable-zone-ultimate-hr-system/20182372 # Version: 1.2 # Tested on: [Kali Linux 2.0 | Mac OS 10.12.6] # Email: contact@8bitsec.io # Contact: https://twitter.com/_8bitsec Release Date: ============= 2017-09-05 Product & Service Introduction: =============================== Workable Zone is probably one of most customizable Human resourse(HR) management software for companies of all sizes. Technical Details & Description: ================================ Multiple Stored XSS vulnerabilities found. Directory Traversal vulnerability can disclose sensitive files. Proof of Concept (PoC): ======================= Stored XSS: Logged as Employee: Write your payload on: Profile > Last Name Other vulnerable fields include: First Name, Contact Number Unauthenticated Directory Traversal: http://localhost.com/download?type=document&filename=../../../../../etc/passwd Credits & Authors: ================== 8bitsec - [https://twitter.com/_8bitsec]

 

TOP