[KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability
KAPDA New advisory
Vulnerable products : Runcms 1.x Vendor: www.runcms.org Risk: Low Vulnerabilities: Cross_Site_Scripting Discoverd by Roozbeh Afrasiabi roozbeh[at]yahoo[dot]com www.kapda.ir www.persiax.com
Found : Jan 28 2006 Vendor Contacted : N/A
"Runcms Includes most things a webmaster would expect from a cms: downloads,links, tutorials section, polls, forums, news, faq, contact form,rss feeds,file uploads, blogging via xml-rpc, & more. Possibility to manage users as groups with module/block specific access permissions, and extend functioality via 3rd party module plug-ins. Has a simple yet good themability. Easy enough to use for users, while staying simple enough to extend & customize for coders." (from runcms.org)
RUNCMS is affected by a cross-site scripting vulnerability. This issue is due to the failure of the application to properly sanitize user- supplied input.
As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed.
The application does not validate the "lid" variable upon submission to ratefile.php.
All KAPDA members
Discoverd by Roozbeh Afrasiabi roozbeh_afrasiabi[at]yahoo[dot]com www.kapda.ir www.persiax.com