| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALCpQr9ggTmsjK3pLCenvWAa-o_-asq8woZvSGWaV_SOPLiSFg@mail.gmail.com>
Date: Fri, 19 Feb 2016 23:38:37 +0530
From: Sachin Wagh <wsachin092@...il.com>
To: fulldisclosure@...lists.org, submit@...sec.com
Subject: [FD] ferretCMS– Multiple Cross-Site Scripting Vulnerabilities
Information
*------------------------------**------------------------------*
*------------------------------**------------------------------*
Vulnerability Type : Multiple Cross Site Scripting Vulnerabilities
Vulnerable Version : 2.0.2-alpha
Vendor Homepage:https://github.com/JRogaishio/ferretCMS
CVE-ID :
Severity : Medium
Author – Sachin Wagh (@tiger_tigerboy)
Description
------------------------------------------------------------------------------------------------------------------------
ferretCMS is prone to multiple cross-site scripting vulnerabilities because
it fails to sanitize user-supplied input. An attacker may leverage these
issues to execute arbitrary script code in the browser of an unsuspecting
user in the context of the affected site.
*Proof of Concept URL *
------------------------------------------------------------------------------------------------------------------------
http://localhost/ferretCMS-master/admin.php
Parameter :
1.Username
http://localhost/ferretCMS-master/admin.php?type=customkey&action=insert&p=
Parameter :
1.key
2.value
http://localhost/ferretCMS-master/admin.php?type=template&action=insert&p=
Parameter :
1.path
2.file
3.title
Please find attached *POC.*
*Advisory Timeline*
------------------------------------------------------------------------------------------------------------------------
02-Jan-2016-Reported -> (No Reply)
Credits & Authors
------------------------------------------------------------------------------------------------------------------------
*Sachin Wagh (@tiger_tigerboy)*
Download attachment "Ferret CMS Cross-Site Scripting Vulnerability.png" of type "image/png" (126046 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists