Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

e107 2.0 alpha2 Cross Site Scripting Vulnerability

🗓️ 17 Jul 2014 00:00:00Reported by High-Tech BridgeType 
zdt
 zdt🔗 0day.today👁 41 Views

e107 2.0 alpha2 Cross Site Scripting Vulnerability, CVE-2014-4734, Low Ris

Related
Code
ReporterTitlePublishedViews
Family
CVE		CVE-2014-4734
21 Jul 201414:00
cve
Cvelist		CVE-2014-4734
21 Jul 201414:00
cvelist
EUVD		EUVD-2014-4653
7 Oct 202500:30
euvd
htbridge		Reflected Cross-Site Scripting (XSS) in e107
18 Jun 201400:00
htbridge
NVD		CVE-2014-4734
21 Jul 201414:55
nvd
Packet Storm		e107 2.0 alpha2 Cross Site Scripting
16 Jul 201400:00
packetstorm
Prion		Cross site scripting
21 Jul 201414:55
prion
securityvulns		Reflected Cross-Site Scripting (XSS) in e107
15 Oct 201400:00
securityvulns
securityvulns		Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
15 Oct 201400:00
securityvulns
Vendor: e107
Vulnerable Version(s): 2.0 alpha2 and probably prior
Tested Version: 2.0 alpha2
Advisory Publication: June 18, 2014 [without technical details]
Vendor Notification: June 18, 2014
Vendor Patch: June 27, 2014
Public Disclosure: July 16, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-4734
Risk Level: Low
CVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )

-----------------------------------------------------------------------------------------------

Advisory Details:

High-Tech Bridge Security Research Lab discovered vulnerability in e107, which can be exploited to perform Cross-Site
Scripting (XSS) attacks.

1) Reflected Cross-Site Scripting (XSS) in e107: CVE-2014-4734

The vulnerability exists due to insufficient sanitization of "type" HTTP GET parameter passed to
"/e107_admin/db.php" script. A remote attacker can trick a logged-in administrator to follow a specially
crafted link and execute arbitrary HTML and scripting code in administrator’s browser.

Using advanced XSS techniques a remote attacker can gain complete access over administrator’s session and perform
arbitrary actions as web application administrator.

The following exploitation example displays JS pop-up with "immuniweb" word when the administrator hits the
"submit" button:

http://[host]/e107_admin/db.php?mode=pref_editor&type=123%27%20onsubmit=%22alert%28%27immuniweb%27%29%3b%22%20a=%27

-----------------------------------------------------------------------------------------------

Solution:

Update e107_admin/db.php file from GitHub.

More Information:
https://github.com/e107inc/e107/commit/f80e417bb3e7ab5c1a89ea9ddd2cd060f54464e1
https://github.com/e107inc/e107/commit/e3088a877f94ac465555173e28b2f7f4a4f6d5e8

#  0day.today [2018-01-08]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jul 2014 00:00Current
6.2Medium risk
Vulners AI Score6.2
EPSS0.00378
e107cross-site scriptingcve-2014-4734vulnerabilitygithubxssadministratorsecurity advisory
41