Ektron CMS400.NET 7.5.2 - Multiple Vulnerabilities

2010-04-26T00:00:00
ID EXPLOITPACK:45A3D9B30D763F9C7656C0B33B8930DC
Type exploitpack
Reporter Richard Moore
Modified 2010-04-26T00:00:00

Description

Ektron CMS400.NET 7.5.2 - Multiple Vulnerabilities

                                        
                                            source: https://www.securityfocus.com/bid/39679/info

Ektron CMS400.NET is prone to multiple security vulnerabilities, including multiple cross-site scripting issues, an information-disclosure issue, a cookie-manipulation issue, a directory-traversal issue, a security-bypass issue, and a URI redirection issue.

Attackers can leverage these issues to bypass authentication mechanisms, execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, obtain sensitive information, bypass certain security restrictions, and redirect a user to a potentially malicious site; other attacks are also possible.

Ektron CMS400.NET 7.5.2.49 is affected; other versions may also be vulnerable. 

The following example URIs are available:

Cross-Site Scripting issue:

http://www.example.com/WorkArea/reterror.aspx?info=<script>alert('vulnerable')</script>
http://www.example.com/workarea/medialist.aspx?action=ViewLibraryByCategory&selectids='; alert('Vulnerable');//

URI Redirection issue:

http://www.example.com/workarea/blankredirect.aspx?http://www.example2.com