packetstorm | LiquidWorm | PACKETSTORM:109857
History: Feb 17, 2012 - 12:00 a.m.

WampServer 2.2c Cross Site Scripting


EPSS: 0.007 (percentile: 80.9%)

`  
  
WampServer <= 2.2c (lang) Remote Cross-Site Scripting Vulnerability  
  
  
Vendor: Alter Way  
Product web page: http://www.wampserver.com  
Affected version: <= 2.2c (32/64bit)  
  
Summary: WampServer is a Windows web development environment.  
It allows you to create web applications with Apache2, PHP and  
a MySQL database.  
  
Desc: WampServer is vulnerable to a cross-site scripting issue.  
This issue is due to the application's failure to properly sanitize  
user-supplied input passed through the 'lang' parameter (GET) in the index.php script.  
An attacker may leverage any of the cross-site scripting issues to have  
arbitrary script code executed in the browser of an unsuspecting user in  
the context of the affected site. This may facilitate the theft of cookie-based  
authentication credentials, phishing as well as other attacks.  
  
  
=================================================================  
/index.php (lines 265-268):  
---------------------------  
if (isset ($_GET['lang']))  
{  
    $langue = $_GET['lang'];  
}  
  
=================================================================  
  
  
Tested on: Microsoft Windows XP Professional SP3 (EN) 32bit  
Microsoft Windows 7 Ultimate SP1 (EN) 64bit  
  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
@zeroscience  
  
  
Vendor status:  
  
[13.02.2012] Vulnerability discovered.  
[16.02.2012] Vendor notified of the vulnerability.  
[17.02.2012] Public security advisory released.  
  
  
Advisory ID: ZSL-2012-5072  
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5072.php  
  
Related Advisory ID: ZSL-2010-4926  
Related Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4926.php  
  
CVE-2010-0700: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0700  
CWE-79: http://cwe.mitre.org/data/definitions/79.html  
  
  
  
13.02.2012  
  
---  
  
Dork:  
  
"intext:WampServer - Donate - Alter Way"  
"intitle:WAMPSERVER Homepage"  
  
  
PoC:  
  
http://localhost/?lang="><script>alert('zsl')</script>  
http://localhost/index.php?lang="><script>alert('zsl')</script>  
`
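
One way to close the hole shown in the index.php excerpt, as an added example that is not WampServer's code or the vendor's fix: restrict `lang` to an allow-list and HTML-encode the value wherever it is written out. The language codes, the default, the helper names `resolve_lang` and `h`, and the quoted-attribute reflection point are assumptions made for illustration.

```php
<?php
// Added example, not WampServer code.
const SUPPORTED_LANGS = ['en', 'fr'];   // assumption: codes the page actually ships
const DEFAULT_LANG    = 'en';           // assumption

/**
 * Return a language code taken from the allow-list, or the default.
 * $query is the parsed query string (normally $_GET).
 */
function resolve_lang(array $query): string
{
    $raw = $query['lang'] ?? null;
    // A missing value or an array (?lang[]=x) falls back to the default.
    if (!is_string($raw)) {
        return DEFAULT_LANG;
    }
    // Strict comparison: only exact, known codes pass.
    return in_array($raw, SUPPORTED_LANGS, true) ? $raw : DEFAULT_LANG;
}

/** Encode a value for HTML text and quoted-attribute contexts. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed inputs: a valid code, an unknown code, markup-breaking
// input, an array value, and a request with no lang parameter.
$samples = [
    ['lang' => 'fr'],
    ['lang' => 'de'],
    ['lang' => '"><b>x</b>'],
    ['lang' => ['en']],
    [],
];

foreach ($samples as $query) {
    $langue = resolve_lang($query);
    // Assumed reflection point: a quoted attribute plus link text.
    // Encoding is kept even after validation, as defence in depth.
    echo '<a href="?lang=' . h($langue) . '">' . h($langue) . "</a>\n";
}
```

Only the first sample yields `fr`; every other input resolves to the default, so nothing request-controlled reaches the markup.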
