| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Nov 2015 15:41:23 +0100 From: "NaxoneZ ." <naxonez@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Mutliple Vulnerabilities in ZurmoCRM 3.0.5 Hi, I found this issues in ZurmoCRM. All issues are reported in their github. 1.- Html Injection - If you create a Product, list, etc. with this name: <h1>injection</h1>[image: Imágenes integradas 1] - When you go to preview page (in this case products), you can see the injection: [image: Imágenes integradas 2] 2.- Information Disclosure When you put %00 in moduleClassName you can see the full path of the installation of ZurmoCRM: /index.php/designer/default/ modulesMenu?moduleClassName=%00 [image: Imágenes integradas 3] 3.- XSS When you create a list in the "check list" field you can insert a XSS code: index.php/tasks/default/list# [image: Imágenes integradas 4] All issues are reported: https://github.com/zurmo/Zurmo/issues You can test this issues in the demo page: http://demo.zurmo.com/demos/stable/app/index.php/zurmo/default/login Regards. ---- Sergio Galán aka @NaxoneZ Download attachment "image.png" of type "image/png" (34294 bytes) Download attachment "image.png" of type "image/png" (8129 bytes) Download attachment "image.png" of type "image/png" (26864 bytes) Download attachment "image.png" of type "image/png" (20002 bytes) _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists