SAXON admin/menu.php config[news_url] Variable XSS

2007-10-29T00:00:00
ID OSVDB:38287
Type osvdb
Reporter OSVDB
Modified 2007-10-29T00:00:00

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off' and the register_globals PHP option is 'on' (not the default setting for PHP since version 4.2.0 / 22-Apr-2002).

Manual Testing Notes

http://[TARGET]/[PATH]/admin/menu.php?config[news_url]="><script>alert(document.cookies)</script>

References:

Vendor Specific Advisory URL
Secunia Advisory ID: 27444
Other Advisory URL: http://www.netvigilance.com/advisory0054
Other Advisory URL: http://securityreason.com/securityalert/3310
Keyword: Simple Accessible XHTML Online News
ISS X-Force ID: 38134
CVE-2007-4862
Bugtraq ID: 26237