socketmail-xss.txt

2007-10-22T00:00:00
ID PACKETSTORM:60285
Type packetstorm
Reporter Maximiliano Soler
Modified 2007-10-22T00:00:00

Description

                                        
+====================================================================+  
+ SocketMail <=2.2.1 (XSS) Multiple Remote Vulnerabilities +  
+====================================================================+  
  
  
Author(s): Ivan Sanchez & Maximiliano Soler.  
  
Product: SocketMail.  
  
Description: SocketMail is a powerful, scalable and fully customisable e-mail  
solution. Ideal messaging solution for sizes web site and enterprises.  
  
Web: http://www.socketmail.com/site/home/  
  
Versions: 2.2.1 (or less)  
  
Date: 19/10/2007  
  
  
  
  
GOOGLE DORKS:  
------------  
[+] intext:"Powered by SocketMail version"  
  
  
  
EXPLOIT:  
--------  
  
For example, in the value of the "lost_id" variable of lostpwd.php:  
  
http://www.[DOMAIN].tld/[PATH]/lostpwd.php?lost_id=[XSS]  
  
  
  
  
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!  
  
--   
Maximiliano Soler.  
Reports & Review Code.  
  
Null Code Services.  
www.nullcode.com.ar  
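
Added example (not part of the original advisory and not SocketMail code): a log check a defender could run to find requests to lostpwd.php whose lost_id value decodes to HTML metacharacters, including percent-encoding applied more than once. The Apache combined log format, the /mail/ path, the addresses and the sample values are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Request line inside a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Characters needed to leave an HTML text or attribute context.
HTML_META = re.compile(r"[<>\"']")

def fully_decode(value, rounds=3):
    """Undo up to `rounds` extra layers of percent-encoding."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_lost_id(log_line):
    """Return the decoded lost_id value if it carries HTML metacharacters."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/lostpwd.php"):
        return None
    # parse_qsl removes one encoding layer; fully_decode removes the rest.
    for name, raw in parse_qsl(url.query, keep_blank_values=True):
        if name == "lost_id":
            value = fully_decode(raw)
            if HTML_META.search(value):
                return value
    return None

# Constructed sample entries (documentation addresses, harmless marker markup).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Oct/2007:10:00:01 +0000] "GET /mail/lostpwd.php?lost_id=8f3a2c HTTP/1.1" 200 512',
    '192.0.2.11 - - [22/Oct/2007:10:00:05 +0000] "GET /mail/lostpwd.php?lost_id=%3Ci%3Emarker%3C%2Fi%3E HTTP/1.1" 200 540',
    '192.0.2.12 - - [22/Oct/2007:10:00:09 +0000] "GET /mail/lostpwd.php?lost_id=%253Ci%253Emarker HTTP/1.1" 200 530',
    '192.0.2.13 - - [22/Oct/2007:10:00:12 +0000] "GET /mail/index.php?q=%3Ci%3E HTTP/1.1" 200 100',
]

def scan(lines):
    """Return (line index, decoded value) for every flagged request."""
    return [(i, v) for i, line in enumerate(lines)
            if (v := suspicious_lost_id(line)) is not None]

if __name__ == "__main__":
    for index, value in scan(SAMPLE_LOG):
        print(f"line {index}: lost_id decodes to {value!r}")
```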
  