Bug: xss in w3-msql error page ( Ascii Version )

Published: 2008.01.08
Credit: vivek_infosec
Risk: Low
CWE: CWE-79
CVE: CVE-2008-0146
Local: No
Remote: Yes

CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

A reflected XSS flaw exists in the w3-msql error page.

Google dork: "W3-mSQL Error! - Can't stat script file (/"

Insert a script in the URL path, starting at the / after w3-msql.

For example, if you get a URL like:

http://localhost/cgi-bin/w3-msql/journal/ijcd/index.html

and the error page output is:

W3-mSQL Error! - Can't stat script file (/journal/ijcd/index.html)

you can try this:

http://localhost/cgi-bin/w3-msql/<script>alert('xss')</script>

to confirm the issue
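
The flaw class described above, as an added example that is not part of the advisory and not the W3-mSQL source: a C sketch of an error page that echoes the requested path verbatim, next to a version that HTML-escapes the path first. The function names are hypothetical; only the error string is taken from the advisory.

```c
/* Added illustration, not the W3-mSQL source; function names are hypothetical. */
#include <stdio.h>
#include <string.h>

/* Unsafe pattern: the requested path is copied into the page verbatim. */
int error_page_raw(char *out, size_t n, const char *path)
{
    return snprintf(out, n, "W3-mSQL Error! - Can't stat script file (%s)", path);
}

/* Append HTML-escaped src to the string in dst (capacity n); -1 if it will not fit. */
static int html_escape(char *dst, size_t n, const char *src)
{
    size_t used = strlen(dst);
    for (; *src; src++) {
        char one[2] = { *src, '\0' };
        const char *rep = one;          /* default: copy the byte unchanged */
        switch (*src) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        size_t len = strlen(rep);
        if (used + len >= n) return -1; /* refuse to truncate mid-entity */
        memcpy(dst + used, rep, len + 1);
        used += len;
    }
    return 0;
}

/* Hardened pattern: escape the path before it reaches the page. */
int error_page_escaped(char *out, size_t n, const char *path)
{
    int k = snprintf(out, n, "W3-mSQL Error! - Can't stat script file (");
    if (k < 0 || (size_t)k >= n) return -1;
    if (html_escape(out, n, path) != 0) return -1;
    if (strlen(out) + 2 > n) return -1; /* room for ')' and the terminator */
    strcat(out, ")");
    return 0;
}

int main(void)
{
    char buf[256];
    if (error_page_escaped(buf, sizeof buf, "/<script>alert('xss')</script>") == 0)
        puts(buf);                      /* markup arrives as inert text */
    return 0;
}
```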

Copyright 2014, cxsecurity.com