Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormSteffen RoesemannPACKETSTORM:130008
HistoryJan 19, 2015 - 12:00 a.m.

CMS Websitebaker 2.8.3 SP3 Cross Site Scripting

2015-01-1900:00:00
Steffen Roesemann
packetstormsecurity.com
26

0.057 Low

EPSS

Percentile

92.5%

JSON
`Advisory: Reflecting XSS vulnerability in CMS Websitebaker v.2.8.3 SP3  
Advisory ID: SROEADV-2015-03  
Author: Steffen Rösemann  
Affected Software: CMS Websitebaker v.2.8.3 SP3  
Vendor URL: http://www.websitebaker.org/de/home.php  
Vendor Status: Vendor did not respond  
CVE-ID: CVE-2015-0553  
  
Tested with:  
  
- Firefox 34  
- Mac OS X 10.10  
  
==========================  
Vulnerability Description:  
==========================  
  
In the administrative backend of the content management system Websitebaker  
v. 2.8.3 SP3 resides a reflecting XSS vulnerability.  
  
==================  
Technical Details:  
==================  
  
The file "modify.php" in which the researcher Manuel Cardenas (see  
timeline) already found a SQL injection vulnerability, is as well prone to  
a reflecting XSS vulnerability via a hidden form-field.  
  
Exploit-Example:  
  
http://  
{TARGET}/admin/pages/modify.php?page_id=1"><script>alert('XSS')</script><!--  
  
=========  
Solution:  
=========  
  
Vendor did not respond.  
  
  
====================  
Disclosure Timeline:  
====================  
29-Dec-2014 – found the vulnerability  
29-Dec-2014 - compared to findings of Manuel Garcia Cardenas (see  
http://seclists.org/fulldisclosure/2014/Nov/44)  
04-Jan-2015 - informed the developers  
04-Jan-2015 – release date of this security advisory [without technical  
details]  
04-Jan-2015 - requested a CVE-ID  
05-Jan-2015 - received CVE-2015-0533 from Mitre  
05-Jan-2015 - submitted CVE-2015-0533 to vendor  
14-Jan-2015 - contacted vendor again via Twitter (see [3])  
18-Jan-2015 - release date of this security advisory  
18-Jan-2015 - send to lists  
  
  
  
  
========  
Credits:  
========  
  
Vulnerability found and advisory written by Steffen Rösemann.  
  
===========  
References:  
===========  
  
[1] http://www.websitebaker.org/de/home.php  
[2] http://sroesemann.blogspot.de/2015/01/sroeadv-2015-03_4.html  
[3] https://twitter.com/sroesemann/status/555397239229911040  
[4]  
http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-03.html  
  
  
`

Related

prion 2
cvelist 2
cve 2
securityvulns 2
seebug 1
prion
prion
Cross site scripting
2015-01-21 15:28:00
Code injection
2015-08-20 10:59:00
cvelist
cvelist
CVE-2015-0553
2015-01-21 15:00:00
CVE-2015-0533
2015-08-20 10:00:00
cve
cve
CVE-2015-0553
2015-01-21 15:28:00
CVE-2015-0533
2015-08-20 10:59:00
securityvulns
securityvulns
EMC RSA BSAFE multiple security vulnerabilities
2015-08-24 00:00:00
ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities
2015-08-24 00:00:00
seebug
seebug
Multiple EMC RSA Products ESA-2015-081 Multiple Security Vulnerabilities
2015-08-31 00:00:00

0.057 Low

EPSS

Percentile

92.5%

JSON
Related for PACKETSTORM:130008
prion2cvelist2cve2securityvulns2seebug1