Webfolio CMS 1.1.4 Cross Site Scripting

2012-03-09 / 2012-03-10
Credit: Ivano Binetti
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

+--------------------------------------------------------------------------------------------------------------------------------+ # Exploit Title : WebfolioCMS <= 1.1.4 Multiple XSS # Date : 07-03-2012 # Author : Ivano Binetti (http://www.ivanobinetti.com) # Software link : http://sourceforge.net/projects/webfolio-cms/files/WebfolioCMS-1.1.4.zip/download # Vendor site : http://webfolio-cms.sourceforge.net/ # Version : 1.1.4 and lower # Tested on : Debian Squeeze (6.0) # Original Advisory: http://ivanobinetti.blogspot.com/2012/03/webfolio-114-multiple-xss.html +--------------------------------------------------------------------------------------------------------------------------------+ +------------------------------------------[CSRF Vulnerabilities by Ivano Binetti]-----------------------------------------------+ Summary 1)Introduction 2)Vulnerabilities Description 3)POC +--------------------------------------------------------------------------------------------------------------------------------+ 1)Introduction Webfolio CMS "is a free, open-source, customized content management system, whose main purpose is creation of web sites for presenting someone's work, and portfolio-like websites". 2)Vulnerabilities Description WebfolioCMS 1.1.4 (and lower) is prone to multiple XSS vulnerabilities in "webfolio/admin/users/edit/<used_id>" pages - where <used_id> = 1....n - due to an improper input sanitization. 3)POC To exploit "First name" and "Last name" fields: <script>alert(document.cookie)</script> To exploit "Email (required)" field: email@email.com"><script>alert(document.cookie)</script> +--------------------------------------------------------------------------------------------------------------------------------+

References:

http://sourceforge.net/projects/webfolio-cms/files/WebfolioCMS-1.1.4.zip/download
http://www.ivanobinetti.com
http://ivanobinetti.blogspot.com/2012/03/webfolio-114-multiple-xss.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top