AContent 1.1 (category_name) Remote Script Insertion Vulnerability

Published: 2011.08.06
Credit: Gjoko 'LiquidWorm' Krstic
Risk: Low
CWE: N/A
CVE: N/A
Local: No
Remote: Yes




Vendor: ATutor (Inclusive Design Institute)

Product web page: http://www.atutor.ca

Affected version: 1.1 (build r296)



Summary: AContent is an open source learning content authoring system
and repository used to create interoperable, accessible, adaptive
Web-based learning content. It can be used along with learning management
systems to develop, share, and archive learning materials.



Desc: AContent suffers from a stored cross-site scripting vulnerability.
Input passed through the POST parameter 'category_name' in
'/course_category/index.php' is not sanitized, allowing an attacker to
execute HTML and script code in a user's browser session on the affected
site. Authentication is required for script insertion.



Tested on: Microsoft Windows XP Professional SP3 (EN)
           Apache 2.2.14 (Win32)
           PHP 5.3.1
           MySQL 5.1.41





Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience





Advisory ID: ZSL-2011-5033

Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5033.php





31.07.2011



--





POST http://localhost/AContent/course_category/index.php HTTP/1.0



category_name="><script>alert(1)</script>&add=Add
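Added example, not part of the original advisory and not AContent's own code: a PHP sketch of the unencoded output pattern next to its hardened form. It assumes the stored category name is echoed into an HTML attribute, as the `">` prefix in the request above suggests; all function names and the allow-list policy are hypothetical.

```php
<?php
// Added illustration; not AContent source. Function names are hypothetical.
// Assumption: the stored category name is echoed into an HTML attribute.

// Vulnerable pattern: the stored value is written into markup unencoded,
// so a double quote in the value ends the attribute early.
function render_category_unsafe(string $name): string
{
    return '<input type="text" name="category_name" value="' . $name . '" />';
}

// Hardened pattern: encode on output for the HTML context.
// ENT_QUOTES encodes both quote styles, so the value cannot close the attribute;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function render_category_safe(string $name): string
{
    $encoded = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="category_name" value="' . $encoded . '" />';
}

// Defence in depth at write time: constrain what a category name may contain.
// The policy (letters, digits, space, _ - & . , and at most 100 bytes) is assumed.
function validate_category_name(string $name): ?string
{
    $name = trim($name);
    if ($name === '' || strlen($name) > 100) {
        return null;
    }
    return preg_match('/\A[\p{L}\p{N} _\-&.,]+\z/u', $name) === 1 ? $name : null;
}

// Value of category_name taken from the request in the advisory.
$stored = '"><script>alert(1)</script>';

// Compare the two renderings of the same stored value.
echo render_category_unsafe($stored), PHP_EOL;
echo render_category_safe($stored), PHP_EOL;

// The advisory's value fails validation; an ordinary name passes.
var_dump(validate_category_name($stored));
var_dump(validate_category_name('Math & Science'));
```

Output encoding is the primary control here; the write-time allow-list only narrows what can reach storage and does not replace encoding at every place the name is rendered.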
