Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
htbridgeHigh-Tech BridgeHTB22371
HistoryMay 06, 2010 - 12:00 a.m.

Multiple Vulnerabilities in LiSK CMS

2010-05-0600:00:00
High-Tech Bridge
www.htbridge.com
24

0.002 Low

EPSS

Percentile

57.8%

JSON

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LiSK CMS which could be exploited to perform cross-site scripting attacks and execute arbitrary SQL commands in application`s database.

  1. Cross-site scripting (XSS) vulnerability in LiSK CMS: CVE-2010-2013
    The vulnerability exists due to input sanitation error in the “id” parameter in edit_email.php. A remote attacker can send a specially crafted HTTP GET request to the vulnerable script and execute arbitrary HTML and script code in user`s browser in context of the vulnerable website.
    Exploitation example:
    http://host/path_to_cp/edit_email.php?&amp;id=contact_form_214’+--+<img+src= x+onerror=alert%28document.cookie%29%3E

  2. Cross-site scripting (XSS) vulnerability in LiSK CMS: CVE-2010-2014
    The vulnerability exists due to input sanitation error in the “cl” parameter in list_content.php. A remote attacker can send a specially crafted HTTP GET request to the vulnerable script and execute arbitrary HTML and script code in user`s browser in context of the vulnerable website.
    Exploitation example:
    http://host/path_to_cp/list_content.php?cl=2’"><img+src=x+onerror=al ert%28document.cookie%29%3E

  3. SQL injection vulnerabilities in LiSK CMS: CVE-2010-2015
    3.1 The vulnerability exists due to input sanitation error in the “id” parameter in cp_messages.php. A remote attacker can send a specially crafted HTTP GET request to the vulnerable script and execute arbitrary SQL commands in applications database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data in the database. To exploit this vulnerability user must have "CP Messages" privileges. Exploitation example: http://host/path_to_cp/cp_messages.php?action=view_inbox&amp;id=-1+union+select+ 1,2,3,4,5,6,7,8,9+--+ 3.2 The vulnerability exists due to input sanitation error in the "id" parameter in edit_email.php. A remote attacker can send a specially crafted HTTP GET request to the vulnerable script and execute arbitrary SQL commands in applications database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data in the database. To exploit this vulnerability user must have “CP Messages” privileges.
    Exploitation example:
    http://host/path_to_cp/edit_email.php?&amp;id=X’+union+select+1,2,3,4,5,6+--+

CPENameOperatorVersion
lisk cmsle4.4

Related

cve 3
cvelist 3
nvd 3
prion 3
cve
cve
CVE-2010-2013
2010-05-24 17:30:01
CVE-2010-2014
2022-10-03 16:21:10
CVE-2010-2015
2022-10-03 16:21:08
cvelist
cvelist
CVE-2010-2014
2022-10-03 16:21:10
CVE-2010-2015
2022-10-03 16:21:08
CVE-2010-2013
2010-05-24 17:00:00
nvd
nvd
CVE-2010-2015
2010-05-24 17:30:01
CVE-2010-2013
2010-05-24 17:30:01
CVE-2010-2014
2010-05-24 17:30:01
prion
prion
Cross site scripting
2010-05-24 17:30:00
Cross site scripting
2010-05-24 17:30:00
Sql injection
2010-05-24 17:30:00

0.002 Low

EPSS

Percentile

57.8%

JSON
Related for HTB22371
cve3cvelist3nvd3prion3