Simple Directory Listing 2.1_beta1 cross site scripting

2009.10.14
Credit: Amol Naik
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

## Security Advisory : Cross-Site Scripting flaw in Simple Directory Listing
## Discovered by ==> Amol Naik (amolnaik4_at_gmail_dot_com)

## Overview ##
--------------
Quote from http://simpledirectorylisting.net/ :
"Simple Directory Listing is a single file php script which functions as directory listing in an apache http server. It provides many useful functions like copy, delete, read/write, etc.".
There are 21,739,293 downloads from sourceforge.net.

## Vulnerability Description ##
-----------------
Simple Directory Listing is vulnerable to Cross-Site Scripting, allowing injection of malicious code in the context of the application.

## Technical Details ##
-------------
Vulnerable Product : Simple Directory Listing 2.1_beta1
Download : http://sourceforge.net/projects/simpledirectory/files/simpledirectorylisting/SDL2.1_beta1/SDL2.1_beta1.zip/download
Vulnerability Type : Cross-Site Scripting (XSS)
Affected page : SDL2.php
Vulnerable parameters : cwdRelPath

## Timeline ##
--------------
Bug Discovered : October 3rd, 2009
Informed Vendor : October 3rd, 2009 but no response received to date.

## Proof of concept ##
----------------------
http://localhost/simpledirectorylisting/SDL2.php?cwdRelPath= '><script>alert(1)</script>
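The proof of concept opens with '> which suggests that cwdRelPath is echoed inside a single-quoted HTML attribute. The following is an added example, not code from SDL2.php or from the advisory's author: it assumes that reflection context, uses hypothetical markup and function names, and compares the raw echo with an incomplete and a complete output-encoding fix.

```php
<?php
// Added example, not the source of SDL2.php. The markup and function names
// are hypothetical; only the parameter name cwdRelPath and the test value
// (from the proof of concept) are taken from the advisory.

// Vulnerable pattern: the request value is copied into a single-quoted attribute.
function render_unsafe(string $cwdRelPath): string
{
    return "<input type='hidden' name='cwdRelPath' value='" . $cwdRelPath . "'>";
}

// Incomplete fix: ENT_COMPAT (the htmlspecialchars() default before PHP 8.1)
// encodes < > & " but not ', so the value can still end the attribute.
function render_partial(string $cwdRelPath): string
{
    $v = htmlspecialchars($cwdRelPath, ENT_COMPAT, 'UTF-8');
    return "<input type='hidden' name='cwdRelPath' value='" . $v . "'>";
}

// Hardened: ENT_QUOTES also encodes ' (as &#039;), so the whole value stays
// inside the attribute whichever quote style the template uses.
function render_safe(string $cwdRelPath): string
{
    $v = htmlspecialchars($cwdRelPath, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<input type='hidden' name='cwdRelPath' value='" . $v . "'>";
}

$poc = "'><script>alert(1)</script>"; // value from the advisory's proof of concept

// Report, for each variant, whether markup survives and whether the
// attribute was terminated by the injected quote.
foreach (['render_unsafe', 'render_partial', 'render_safe'] as $fn) {
    $html = $fn($poc);
    printf(
        "%-14s raw <script>: %-3s  attribute closed early: %-3s\n  %s\n",
        $fn,
        strpos($html, '<script>') !== false ? 'yes' : 'no',
        strpos($html, "value=''") !== false ? 'yes' : 'no',
        $html
    );
}
```

Only render_safe reports "no" in both columns. render_partial removes the script tag but still lets the value close the attribute, which is why the encoding flags must match the quoting used in the template.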

