DCFM Blog 0.9.7 Cross Site Scripting

2016.11.18
Credit: N_A
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

DCFM Blog 0.9.7 XSS Attack =========================== Discovered by N_A , N_A[at]tutanota.com ======================================== Description ============ Open-source blog project. Free blog system for any website. Uses MySQL and PHP 5. Very easily customizable and incredibly flexible. https://sourceforge.net/projects/dcfm-blog/ Vulnerability ============= The forgot.php file in DCFM Blog 0.9.7 does not proplery check input and code injection is possible. if (!isset($_POST['userf'])) { echo "<form action='forgot.php' method='post'> Please provide your username: <input type='text' name='userf' /> <br /><br /><input type='submit' value='Get my Password' /> </form>"; Proof Of Concept String ======================== <script>alert('XSS');</script> Email ===== N_A[at]tutanota.com


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top