Family (16 related entries):

| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2015-0533 | 21 Aug 2015 13:00 | – | circl |
| WebsiteBaker 'modify.php' Cross-Site Scripting Vulnerability | 20 Jan 2015 00:00 | – | cnvd |
| Multiple EMC RSA products vulnerable | 21 Aug 2015 00:00 | – | cnvd |
| CVE-2015-0533 | 20 Aug 2015 10:00 | – | cve |
| CVE-2015-0553 | 21 Jan 2015 15:00 | – | cve |
| CVE-2015-0533 | 20 Aug 2015 10:00 | – | cvelist |
| CVE-2015-0553 | 21 Jan 2015 15:00 | – | cvelist |
| EUVD-2015-0546 | 7 Oct 2025 00:30 | – | euvd |
| EUVD-2015-0566 | 7 Oct 2025 00:30 | – | euvd |
| CVE-2015-0533 | 20 Aug 2015 10:59 | – | nvd |
```text
Advisory: Reflecting XSS vulnerability in CMS Websitebaker v.2.8.3 SP3
Advisory ID: SROEADV-2015-03
Author: Steffen Rösemann
Affected Software: CMS Websitebaker v.2.8.3 SP3
Vendor URL: http://www.websitebaker.org/de/home.php
Vendor Status: Vendor did not respond
CVE-ID: CVE-2015-0553
Tested with:
- Firefox 34
- Mac OS X 10.10

==========================
Vulnerability Description:
==========================
In the administrative backend of the content management system Websitebaker
v. 2.8.3 SP3 resides a reflecting XSS vulnerability.

==================
Technical Details:
==================
The file "modify.php", in which the researcher Manuel Cardenas (see
timeline) already found a SQL injection vulnerability, is as well prone to
a reflecting XSS vulnerability via a hidden form-field.

Exploit-Example:
http://{TARGET}/admin/pages/modify.php?page_id=1"><script>alert('XSS')</script><!--

=========
Solution:
=========
Vendor did not respond.

====================
Disclosure Timeline:
====================
29-Dec-2014 - found the vulnerability
29-Dec-2014 - compared to findings of Manuel Garcia Cardenas (see
              http://seclists.org/fulldisclosure/2014/Nov/44)
04-Jan-2015 - informed the developers
04-Jan-2015 - release date of this security advisory [without technical
              details]
04-Jan-2015 - requested a CVE-ID
05-Jan-2015 - received CVE-2015-0533 from Mitre
05-Jan-2015 - submitted CVE-2015-0533 to vendor
14-Jan-2015 - contacted vendor again via Twitter (see [3])
18-Jan-2015 - release date of this security advisory
18-Jan-2015 - sent to lists

========
Credits:
========
Vulnerability found and advisory written by Steffen Rösemann.

===========
References:
===========
[1] http://www.websitebaker.org/de/home.php
[2] http://sroesemann.blogspot.de/2015/01/sroeadv-2015-03_4.html
[3] https://twitter.com/sroesemann/status/555397239229911040
[4] http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-03.html
```
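The advisory only states that the `page_id` parameter is reflected into a hidden form field; the following is an added PHP illustration (not WebsiteBaker's own code) of the pattern that produces such a bug beside a hardened version. The function names, the hypothetical hidden-field rendering, and the sample input are all constructed for this example.

```php
<?php
// Hypothetical reconstruction of the bug class described in the advisory,
// not code from WebsiteBaker's modify.php.

// Constructed sample input shaped like the advisory's PoC payload.
$sample = '1"><script>alert(\'XSS\')</script><!--';

// Vulnerable pattern: the raw query parameter is concatenated into an
// attribute value, so a double quote closes the attribute and the remainder
// of the parameter becomes live markup in the reflected page.
function hidden_field_vulnerable(string $page_id): string {
    return '<input type="hidden" name="page_id" value="' . $page_id . '">';
}

// Hardened pattern: validate the type first (page ids are integers), then
// HTML-encode on output so quotes and angle brackets cannot break out of
// the attribute even if validation is later loosened.
function hidden_field_hardened(string $page_id): string {
    if (!ctype_digit($page_id)) {
        // Reject anything that is not a plain non-negative integer string.
        throw new InvalidArgumentException('page_id must be numeric');
    }
    $safe = htmlspecialchars($page_id, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="hidden" name="page_id" value="' . $safe . '">';
}

echo "Vulnerable rendering (attribute is broken out of):\n";
echo hidden_field_vulnerable($sample), "\n\n";

echo "Hardened rendering:\n";
try {
    echo hidden_field_hardened($sample), "\n";
} catch (InvalidArgumentException $e) {
    echo "request rejected: ", $e->getMessage(), "\n";
}

// Output encoding alone also neutralises the payload: every " < > ' & is
// turned into an entity, so the browser treats it as attribute text.
echo "\nEncoded form of the same input:\n";
echo htmlspecialchars($sample, ENT_QUOTES | ENT_HTML5, 'UTF-8'), "\n";
```

Run it with `php example.php`; a valid id such as `1` passes the hardened path unchanged, while the sample input is rejected by the integer check and, if only encoding were applied, would be rendered inert as entities.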