runcmsXSS.txt

Date: 26 Feb 2006
Reported by: Roozbeh Afrasiabi
Type: packetstorm
Source: packetstormsecurity.com

Runcms 1.x Cross_Site_Scripting vulnerability in downloads module

Code
```text
[KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability

KAPDA New advisory

Vulnerable products : Runcms 1.x
Vendor: www.runcms.org
Risk: Low
Vulnerabilities: Cross_Site_Scripting
Discovered by Roozbeh Afrasiabi
roozbeh[at]yahoo[dot]com
www.kapda.ir
www.persiax.com


Date :
--------------------
Found : Jan 28 2006
Vendor Contacted : N/A

About :
--------------------
"Runcms includes most things a webmaster would expect from a CMS: downloads, links, tutorials section, polls, forums, news, FAQ, contact form, RSS feeds, file uploads, blogging via XML-RPC, & more. Possibility to manage users as groups with module/block specific access permissions, and extend functionality via 3rd party module plug-ins. Has a simple yet good themability.
Easy enough to use for users, while staying simple enough to extend & customize for coders." (from runcms.org)


Vulnerability:
--------------------
Cross_Site_Scripting :

RUNCMS is affected by a cross-site scripting vulnerability. This issue is due to the failure of the application to properly sanitize user-supplied input.

As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed.


Detail and PoC :
--------------------

The application does not validate the "lid" variable upon submission
to ratefile.php.

h**p://[target]/public/modules/downloads/ratefile.php?lid={number}">[code]


Solution :
--------------------
N/A


Original Advisory :
--------------------
http://kapda.ir/advisory-267.html


Special thanks to:
--------------------
All KAPDA members


Credit :
--------------------
Discovered by Roozbeh Afrasiabi
roozbeh_afrasiabi[at]yahoo[dot]com
www.kapda.ir
www.persiax.com
```
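The advisory gives no source, so the following is an added example, not Runcms code or the advisory's own PoC: a hypothetical `ratefile.php` handler written in PHP (Runcms is a PHP application) that reflects the `lid` download id into an HTML attribute, first in the unvalidated shape the advisory describes and then with the id validated as a positive integer and encoded on output. Function names, the form markup and the constructed inputs are assumptions made for the illustration.

```php
<?php
// Added example (not Runcms code). A hypothetical ratefile.php handler that
// reflects the "lid" download id into the page, first in the shape the
// advisory describes, then with the input validated and output encoded.

// Vulnerable pattern: the raw query value lands in an HTML attribute unchanged,
// so a value containing a double quote closes the attribute and the rest of the
// value is parsed as markup by the browser.
function renderRateFormVulnerable(string $lid): string
{
    return '<form method="post" action="ratefile.php">'
         . '<input type="hidden" name="lid" value="' . $lid . '">'
         . '</form>';
}

// A download id is a positive integer, so anything else is rejected before it is
// used. The is_string check matters: PHP turns lid[]=1 into an array, which
// would make preg_match throw instead of failing closed.
function parseLid(mixed $raw): ?int
{
    if (!is_string($raw) || !preg_match('/^[1-9][0-9]{0,9}$/', $raw)) {
        return null;
    }
    return (int) $raw;
}

// Hardened pattern: validate first, and still encode on output (defence in
// depth, in case a later change lets a non-numeric value reach this point).
// Returns [status, body] so the result can be inspected without touching
// global response state.
function renderRateFormHardened(mixed $raw): array
{
    $lid = parseLid($raw);
    if ($lid === null) {
        return [400, 'Invalid download id'];
    }
    $safe = htmlspecialchars((string) $lid, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return [200, '<form method="post" action="ratefile.php">'
               . '<input type="hidden" name="lid" value="' . $safe . '">'
               . '</form>'];
}

// Constructed inputs: a normal id, a probe of the shape in the PoC URL (a quote
// that closes the attribute, followed by markup; a harmless <b> tag is used so
// the breakout is visible without running any script), a negative id, and the
// array form PHP produces for lid[]=1.
$inputs = ['42', '1"><b>probe</b>', '-1', ['1']];
foreach ($inputs as $raw) {
    $shown = is_array($raw) ? 'lid[]=1' : $raw;
    echo "input: $shown\n";
    if (is_string($raw)) {
        echo "  vulnerable: " . renderRateFormVulnerable($raw) . "\n";
    }
    [$status, $body] = renderRateFormHardened($raw);
    echo "  hardened ($status): $body\n";
}
```

Run it with `php ratefile_example.php`: the vulnerable renderer emits the probe's `<b>` tag as live markup, while the hardened one answers 400 for every non-numeric value and only ever writes a digit string into the attribute. The validation step is what actually closes the advisory's issue; the `htmlspecialchars` call is there so the output stays safe even if a later change widens what `lid` may contain. For detection on an existing deployment, a `lid` value in the web server access log that is not purely numeric is a cheap, low-noise indicator that someone is probing this parameter.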
