Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18776
HistoryJan 02, 2008 - 12:00 a.m.

Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search

2008-01-0200:00:00
vulners.com
50
JSON

Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search

Author: Audun Larsen (larsen at xqus dot com)
Date: Dec 29, 2007

–AFFECTED SOFTWARE--------------------------

Name: phpWebSite
Version: 1.4.0
Release date: Dec 11, 2007

Developed by the Web Technology Group at Appalachian State University,
phpWebSite provides a complete web site content management system ( CMS ).
All client output is XHTML 1.0 and meets the
W3C's Web Accessibility Initiative requirements.

–DISCUSSION---------------------------------

The phpWebSite CMS is vulnerable to a Non-Persistent (or reflected)
Cross-Site Scripting attack. The problem exists because of the lack
of properly escaping user input before using it to generate links on
the search result page.

–PROOF OF CONCEPT---------------------------

http://phpwebsite.example.com/index.php?module=search&user=search
&search=%22%3E%3Ch1%3EXSS%3C%2Fh1%3E&alternate=local&mod_title=all&submit=Search

–TIMELINE-----------------------------------

Dec 29, 2007: Bug found
Dec 29, 2007: Vendor notified
DEc 31, 2007: Vendor reports that the bug is fixed
Jan 1 , 2008: Posted to Bugtraq

–DISCLAIMER---------------------------------

The information in this advisory and any of its demonstrations is provided
"as is" without warranty of any kind.

Copyright © 2007 Audun Larsen, some rights reserved:
http://creativecommons.org/licenses/by-sa/3.0/

JSON