Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23140
HistoryJan 28, 2010 - 12:00 a.m.

[InterN0T] ShareTronix 1.0.4 - HTML Injection Vulnerability

2010-01-2800:00:00
vulners.com
40
JSON

ShareTronix - HTML Injection Vulnerability

Version Affected: 1.0.4 (newest)

Info:

Sharetronix Opensource is a multimedia microblogging platform.

It helps people in a community, company, or group to exchange short messages over the Web.

Credits: MaXe from InterN0T (patched the vulnerability) & Reelix (found the vulnerability)

External Links:

http://sharetronix.com/opensource/

-:: The Advisory ::-

The header.php file for showing a single microblog entry does not sanitize the page_title correct.

page_title is set by the user when posting an entry to the microblog platform.

Files:

sharetronix/system/templates/header.php

00013: <title><?= $D->page_title ?></title>

sharetronix/system/templates/mobile/header.php

00014: <title><?= $D->page_title ?></title>

-:: Solution ::-

sharetronix/system/templates/header.php

00013: <title><?= htmlentities($D->page_title); ?></title>

sharetronix/system/templates/mobile/header.php

00014: <title><?= htmlentities($D->page_title); ?></title>

Disclosure Information:

  • Vulnerability found 26th January

  • Patch was made available 26th January

  • Vendor and Buqtraq (SecurityFocus) contacted the 26th January

  • Will be disclosed on InterN0T 27th January

All of the best,

MaXe

JSON