Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormSimon BieberPACKETSTORM:121067
HistoryApr 03, 2013 - 12:00 a.m.

e107 CMS 1.0.2 Cross Site Scripting

2013-04-0300:00:00
Simon Bieber
packetstormsecurity.com
28

0.002 Low

EPSS

Percentile

58.2%

JSON
`TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability   
in e107 CMS v1.0.2  
  
Published: 2013/04/03  
Version 1.0  
  
Affected Products:  
e107 version 1.0.2 (others not tested)  
http://www.e107.org  
  
References:  
TC-SA-2013-01 www.tele-consulting.com/advisories/TC-SA-2013-01.txt   
(used for updates)  
CVE-2013-2750 - Reflected Cross-Site-Scripting (XSS) vulnerability   
in e107 CMS v1.0.2  
  
Summary:  
"e107 is a free (open-source) content management system allowing   
you to easily manage and publish your content. Developers can   
save time in building websites and powerful online applications.  
Users can avoid programming completely!" (www.e107.org)   
The content_preset.php Script in e107 CMS is vulnerable to   
reflected Cross-Site-Scripting (XSS) attacks. Malicious code is   
not sanitized when using "%00" in conjuction with "%0d%0a"   
within GET-Parameter.  
  
Effect:  
Under certain circumstances it is possible that attackers may   
inject arbitrary script code e. g. to steal authentication data.   
  
Vulnerable Scripts:  
/e107_plugins/content/handlers/content_preset.php  
  
Examples:  
http://[host]/e107_plugins/content/handlers/content_preset.php?  
%3c%00script%0d%0a>alert('reflexted%20XSS')</script>  
  
Possible Solutions:  
Use e107 v1.0.3 (contains updated content_preset.php)  
  
Affected products:  
e107 1.0.2 (older releases have not been tested)  
  
Disclosure Timeline:  
2013/02/18 vendor contacted via email  
2013/02/18 initial response  
2013/03/04 proposed fix by vendor  
2013/03/08 second proposed fix by vendor  
2013/03/13 fix confirmed  
2013/03/14 vendor released update 1.0.3  
2013/04/03 Public disclosure  
  
Credits  
Simon Bieber ([email protected])  
Tele-Consulting security networking training GmbH  
www.tele-consulting.com  
  
Disclaimer:  
All information is provided without warranty. The intent is to   
provide information to secure infrastructure and/or systems, not  
to be able to attack or damage. Therefore Tele-Consulting shall   
not be liable for any direct or indirect damages that might be   
caused by using this information.  
`

Related

securityvulns 2
seebug 1
nessus 1
prion 1
cve 1
cvelist 1
openvas 1
securityvulns
securityvulns
TC-SA-2013-01: Reflected Cross-Site-Scripting &#40;XSS&#41; vulnerability in e107 CMS v1.0.2
2013-05-06 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2013-05-06 00:00:00
seebug
seebug
e107 'content_preset.php'跨站脚本漏洞(CVE-2013-2750)
2013-04-08 00:00:00
nessus
nessus
e107 content_preset.php URI XSS
2013-05-13 00:00:00
prion
prion
Cross site scripting
2014-01-22 19:55:00
cve
cve
CVE-2013-2750
2014-01-22 19:55:00
cvelist
cvelist
CVE-2013-2750
2014-01-22 19:00:00
openvas
openvas
e107 query Cross Site Scripting Vulnerability
2014-01-28 00:00:00

0.002 Low

EPSS

Percentile

58.2%

JSON
Related for PACKETSTORM:121067
securityvulns2seebug1nessus1prion1cve1cvelist1openvas1