
From: Andrei Rimsa <rimsa_(at)_live.com>
Date: 8 July 2010
Subject: Exponent Slideshow XSS Vulnerability


Title: Exponent Slideshow XSS Vulnerability
Vendor: Exponent
Product: Exponent CMS
Tested Version: 0.97.0
Threat Class: XSS
Severity: High
Remote: yes
Local: no
Discovered By: Andrei Rimsa Alvares

===== Description =====

The file "modules/slideshowmodule/slideshow.js.php" is prone to XSS vulnerabilities. Multiple instances of
the variable $_GET['u'] are output to the page without proper sanitization.
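The pattern the advisory describes, reconstructed as an added example (this is not Exponent's code; the real slideshow.js.php source is not reproduced here, and the function names and the assumption that `u` carries a site-relative base path are mine). It places a request parameter into JavaScript source verbatim next to a hardened version that emits it as an escaped JSON string literal and allow-lists its shape first:

```php
<?php
// Vulnerable pattern (hypothetical reconstruction): the parameter is
// interpolated into JavaScript source as-is. A value containing "</script>"
// closes the script context and the browser renders whatever follows.
function render_slideshow_js_vulnerable(array $get): string
{
    $u = $get['u'] ?? '';
    return "var slideshowBase = '" . $u . "';\n";
}

// Hardened helper: encode the value as a JSON string literal with the
// HTML-significant characters (<, >, &, ', ") escaped as \uXXXX. This keeps
// the value inside the JavaScript string no matter what it contains, and
// also covers backslashes and line terminators that a naive
// str_replace('<', ...) would miss.
function js_string_literal(string $value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
}

// Hardened output: validate the shape first (assumed: a site-relative path),
// then encode. The file should be served with
// Content-Type: application/javascript; charset=utf-8.
function render_slideshow_js_hardened(array $get): string
{
    $u = (string) ($get['u'] ?? '');
    if ($u !== '' && !preg_match('#^/[A-Za-z0-9_./-]*$#', $u)) {
        $u = ''; // reject anything that is not a plain relative path
    }
    return 'var slideshowBase = ' . js_string_literal($u) . ";\n";
}

// Constructed input: the decoded form of the advisory's proof-of-concept value.
$payload = '<script>window.alert(String.fromCharCode(88,83,83));</script>';
echo "vulnerable: ", render_slideshow_js_vulnerable(['u' => $payload]);
echo "hardened:   ", render_slideshow_js_hardened(['u' => $payload]);
echo "encoded:    ", js_string_literal($payload), "\n";
echo "valid path: ", render_slideshow_js_hardened(['u' => '/images/slides/']);
```

Run with `php` on the command line; the "encoded" line shows that even without the allow-list the `<` and `>` characters cannot terminate the script element once encoded.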

===== Impact =====

Malicious JavaScript code can be executed in the context of the affected web site.

===== Proof of Concept =====

http://target/modules/slideshowmodule/slideshow.js.php?u=%3Cscript%3Ewindow.alert(String.fromCharCode(88,83,83));%3C/script%3E

===== Workaround =====

No workaround is available at the time.

===== Disclosure Timeline =====

June 16, 2010 - Vendor notification.
July 07, 2010 - No vendor reply. Public disclosure.

===== References =====

http://www.exponentcms.org
