advisory-singapore-modern-template.txt

22 Jan 2008 00:00:00 | Reported by Ruben Ventura Pina | Type: packetstorm | Source: packetstormsecurity.com

Singapore Modern Template v1.3.2 XSS Vulnerability foun


Code
`######################################################################  
#  
# Singapore Modern Template v1.3.2 <= XSS Vulnerability  
#  
# Date : 14-january-2008  
# Vendor URL : http://www.sgal.org  
#  
# Found By : Rubén Ventura Piña (Trew)  
# Contact Info : http://trew.icenetx.net  
# [email protected]  
# ICEnetX Team - http://icenetx.net  
#  
######################################################################  
#  
# Greetings oh earthlings:   
# Ayzax, BRIO, Gaper, (All ICEnetX Team), n3, Tog, ta^3, Paisterist,  
# and to all people who like H.I.M, lol.  
#  
# "Maybe you can't break the system, but you can always hack it."  
#  
######################################################################  
#  
## Vulnerability ##  
#  
# The "modern template" is the DEFAULT style template in the popular  
# image gallery "Singapore". A vulnerable version of the modern  
# template is included in singapore's latest version (0.10.1).  
#  
# The following code in templates/modern/header.tpl.php (line 11) can  
# be exploited to conduct an XSS attack:  
#  
# <link rel="alternate" type="application/rss+xml"  
# title="'.$sg->pageTitle().'" href="'.$_SERVER["PHP_SELF"]; if  
# (isset($_GET["gallery"])) { echo '?gallery='.$_GET["gallery"];} echo  
# '&template=rss" />  
#  
# Input passed to the "gallery" parameter is not properly sanitised.  
# Therefore the following request would result in an XSS flaw:  
#  
# http://site.com/[singapore_path]/default.php?gallery="><script>alert(document.cookie);</script>  
#  
# This way an attacker will be able to execute arbitrary code in a  
# victim's browser by tricking them into following a malicious link.  
#  
## How to fix ##  
#  
# Change line 11 in "templates/modern/header.tpl.php" to this:  
#  
# <link rel="alternate" type="application/rss+xml"  
# title="'.$sg->pageTitle().'" href="'.$_SERVER["PHP_SELF"]; if  
# (isset($_GET["gallery"])) { echo '?gallery='.htmlspecialchars($_GET["gallery"]);} echo '&template=rss" />  
#  
#  
[EOF]  
`
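
The vulnerable line and the advisory's fix, side by side, as an added example (not the advisory's or Singapore's own code). It goes slightly beyond the one-call fix by also URL-encoding the value and HTML-encoding the other dynamic parts of the tag; the function names, the `$pageTitle` argument and the `/singapore/default.php` path are assumptions for illustration.

```php
<?php
// Added example: header.tpl.php line 11 rebuilt as two functions so the
// vulnerable and fixed output can be compared. $pageTitle stands in for
// $sg->pageTitle(); both function names are hypothetical.

function rssLinkVulnerable(string $self, array $get, string $pageTitle): string
{
    $out = '<link rel="alternate" type="application/rss+xml" title="'
         . $pageTitle . '" href="' . $self;
    if (isset($get['gallery'])) {
        $out .= '?gallery=' . $get['gallery'];   // raw request data inside an attribute
    }
    return $out . '&template=rss" />';
}

function rssLinkFixed(string $self, array $get, string $pageTitle): string
{
    // ENT_QUOTES covers both quote styles; the charset is stated explicitly.
    $esc = static fn(string $s): string => htmlspecialchars($s, ENT_QUOTES, 'UTF-8');

    // PHP_SELF is also derived from the request, so it is encoded as well.
    $out = '<link rel="alternate" type="application/rss+xml" title="'
         . $esc($pageTitle) . '" href="' . $esc($self);

    // ?gallery[]=x arrives as an array; only a string value is emitted.
    if (isset($get['gallery']) && is_string($get['gallery'])) {
        // URL-encode for the query string, then HTML-encode for the attribute.
        $out .= '?gallery=' . $esc(rawurlencode($get['gallery']));
    }
    return $out . '&amp;template=rss" />';   // same URL layout as the template
}

// Value taken from the advisory's sample request; the script path is constructed.
$get  = ['gallery' => '"><script>alert(document.cookie);</script>'];
$self = '/singapore/default.php';

foreach (['vulnerable' => 'rssLinkVulnerable', 'fixed' => 'rssLinkFixed'] as $label => $fn) {
    $html     = $fn($self, $get, 'Gallery');
    $breakout = strpos($html, '"><script') !== false ? 'yes' : 'no';
    printf("%-10s closes the href attribute early: %s\n  %s\n", $label, $breakout, $html);
}
```

Running it with `php` on the command line prints both tags, which makes it easy to diff a patched template's output against the unpatched one.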
