Benja CMS 0.1 - adminadmin_edit_topmenu.php Cross-Site Scripting

2008-06-23T00:00:00
ID EXPLOITPACK:38002726049317B22FB33FBB62DC4F7E
Type exploitpack
Reporter CWH Underground
Modified 2008-06-23T00:00:00

Description

Benja CMS 0.1 - adminadmin_edit_topmenu.php Cross-Site Scripting

                                        
                                            source: https://www.securityfocus.com/bid/29884/info
  
The 'benja CMS' program is prone to multiple vulnerabilities because it fails to adequately validate input and restrict access. These issues include three cross-site scripting issues, an arbitrary-file-upload issue, and a vulnerability that allows unauthorized access to an administrative script.
  
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, to run arbitrary script code in the context of the application, or to access administrative scripts.
  
These issues affect 'benja CMS 0.1'; other versions may also be affected. 

http://www.example.com/[benjacms_path]/admin/admin_edit_topmenu.php/<XSS>