
CMS Papoo 6.0.0 Revision 4701 Cross Site Scripting

15 Dec 2014 | Reported by Steffen Roesemann | Type: packetstorm | Source: packetstormsecurity.com

CMS Papoo 6.0.0 Rev 4701 XSS Vulnerabilities Advisory by Steffen Rösemann

Code
`Advisory: Persistent XSS Vulnerability in CMS Papoo Light v6  
Advisory ID: SROEADV-2014-01  
Author: Steffen Rösemann  
Affected Software: CMS Papoo Version 6.0.0 Rev. 4701  
Vendor URL: http://www.papoo.de/  
Vendor Status: fixed  
CVE-ID: -  
  
==========================  
Vulnerability Description:  
==========================  
  
The CMS Papoo Light Version has a persistent XSS vulnerability in its guestbook functionality and in its user-registration functionality.  
  
==================  
Technical Details:  
==================  
  
XSS-Vulnerability #1:  
  
Papoo Light CMS v6 provides the functionality to post comments on a guestbook via the following URL: http://{target-url}/guestbook.php?menuid=6.  
  
The input field with the id "author" is vulnerable to XSS; the injected code gets stored in the database, which makes the vulnerability persistent.  
  
Payload-Examples:  
  
<img src='n' onerror="javascript:alert('XSS')" >  
<iframe src="some_remote_source"></iframe>  
  
XSS-Vulnerability #2:  
  
People can register themselves on Papoo Light v6 CMS at http://{target-url}/account.php?menuid=2. Instead of using a proper username, an attacker can inject HTML and/or JavaScript code into the username input field.  
  
The code is then written to the database backend. The attacker only has to confirm his/her e-mail address to be able to log in and spread the code by posting to the forum or the guestbook, where the username is displayed.  
  
Payload-Examples:  
  
see above (XSS #1)  
  
=========  
Solution:  
=========  
  
Update to the latest version  
  
====================  
Disclosure Timeline:  
====================  
13-Dec-2014 - found XSS #1  
13-Dec-2014 - informed the developers (XSS #1)  
14-Dec-2014 - found XSS #2  
14-Dec-2014 - informed the developers (XSS #2)  
15-Dec-2014 - release date of this security advisory  
15-Dec-2014 - response and fix by vendor  
15-Dec-2014 - post on BugTraq  
  
========  
Credits:  
========  
  
Vulnerability found and advisory written by Steffen Rösemann.  
  
===========  
References:  
===========  
  
http://www.papoo.de/  
http://sroesemann.blogspot.de  
`
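
The class of fix for both issues, shown as an added example that is not taken from the advisory or from Papoo's code base: the stored author or username value is encoded at the point where it is written into the page, and registration rejects names containing markup. The function names, the row layout and the username rule are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example with hypothetical helper names; not Papoo's own code.

// Registration check (XSS #2): allow-list of letters, digits, space, dot,
// underscore and hyphen, 3 to 32 characters, so markup is never accepted.
function is_valid_username(string $name): bool
{
    return preg_match('/\A[\p{L}\p{N} ._-]{3,32}\z/u', $name) === 1;
}

// Output encoding for HTML text and quoted attribute values.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern (XSS #1): the stored author value is emitted as raw HTML.
function render_entry_unsafe(array $entry): string
{
    return '<li><b>' . $entry['author'] . '</b>: ' . $entry['text'] . '</li>';
}

// Hardened: every stored field is encoded where it is written into the page,
// which also covers rows saved before input validation was added.
function render_entry(array $entry): string
{
    return '<li><b>' . e($entry['author']) . '</b>: ' . e($entry['text']) . '</li>';
}

// Constructed sample rows; the second author is the advisory's own payload.
$rows = [
    ['author' => 'Jörg Müller', 'text' => 'Nice site & good docs'],
    ['author' => "<img src='n' onerror=\"javascript:alert('XSS')\" >", 'text' => 'hi'],
];

foreach ($rows as $row) {
    printf("valid username: %s\n", is_valid_username($row['author']) ? 'yes' : 'no');
    printf("unsafe: %s\n", render_entry_unsafe($row));
    printf("safe:   %s\n\n", render_entry($row));
}
```

Encoding at output matters even when the registration check is in place, because the advisory notes that the username is displayed in several places (forum and guestbook) and rows stored before the fix may already contain markup.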
