Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMaldin d.o.oPACKETSTORM:57777
HistoryJul 17, 2007 - 12:00 a.m.

TISA2007-06-Public.txt

2007-07-1700:00:00
Maldin d.o.o
packetstormsecurity.com
16
JSON
`=========================================================================  
TeamIntell Security Advisory TISA2007-06-Public  
-------------------------------------------------------------------------  
Element CMS "s" parameter script insertion vulnerability  
=========================================================================  
  
  
Release Date: 14.7.2007  
Severity: Less critical  
Impact: Cross-site scripting (XSS)  
Status: Official patch not available (0-day)  
Software: Element CMS  
Vendor: http://www.element.si  
http://www.elementcms.si  
Disclosed: Edi Strosar (TeamIntell)  
  
  
Description:  
============  
  
Element CMS, a full featured Slovenian content management   
system, is prone to a cross-site scripting vulnerability   
because the application fails to properly sanitize   
user-supplied input.  
  
Input passed to the "s" parameter in default.asp is not   
properly sanitized before being used. This can be   
exploited to insert arbitrary HTML and script code in a   
user's browser session in context of an affected site.  
  
The vulnerability is reported in all versions of Element   
CMS.  
  
  
Proof of Concept:  
=================  
  
http://demo2.element.si/default.asp?pID=search&mid=sl&s="><script>alert(String.fromCharCode(88,83,83))</script>  
  
  
Solution:  
=========  
  
Vendor informed. Official patch not available.  
  
Note: because of arrogant and unprofessional vendor's   
response TeamIntell decided to release the advisory.  
  
  
Contact:  
========  
  
Maldin d.o.o.  
Trzaska cesta 2  
1000 Ljubljana - SI  
  
tel: +386 (0)590 70 170  
fax: +386 (0)590 70 177  
gsm: +386 (0)31 816 400  
web: www.teamintell.com  
e-mail: [email protected]  
  
  
Disclaimer:  
===========  
  
The content of this report is purely informational and   
meant for educational purposes only. Maldin d.o.o. shall   
in no event be liable for any damage whatsoever, direct or   
implied, arising from use or spread of this information.   
Any use of information in this advisory is entirely at   
user's own risk.  
  
`
JSON