- Exploit Title: CVE-2024-24136 : Math Game Cross-Site-Scripting
- Date: 2024-12-01
- Exploit Author: Burak Sevben
- Vendor Homepage: https://www.sourcecodester.com/php/17075/math-game-leaderboard-using-php-and-mysql-source-code.html
- Software Link: https://www.sourcecodester.com/download-code?nid=17075&title=Math+Game+with+Leaderboard+Using+PHP+and+MySQL+with+Source+Code
- Version: 1.0
- Tested on: Windows 11 Home + PHP 8.2.12, Apache 2.4.58
- Payload:
<video/src=x onerror=alert(document.domain)> - CVE: CVE-2024-24136
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24136
- https://www.cve.org/CVERecord?id=CVE-2024-24136
- https://nvd.nist.gov/vuln/detail/CVE-2024-24136
The 'Your Name' section in the Submit Score section of the math game app is vulnerable to Cross-Site Scripting Attacks. Math Game is vulnerable to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
- Go to http://localhost/math-game-with-leaderboard/
- Then play the game (it will be over in about 2 minutes).
- In the 'Your Name' section of the Submit Score section, enter the following payload:
<video/src=x onerror=alert(document.domain)> - Click Submit and submit your score.
- A pop-up will then open and XSS will be triggered.
