Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Team Johnlong RaidenTunes 2.1.1 Remote XSS Vulnerability

🗓️ 03 Aug 2010 00:00:00Reported by LiquidWormType 
zdt
 zdt🔗 0day.today👁 15 Views

RaidenTunes 2.1.1 Remote Cross-Site Scripting Vulnerability in music_out.ph

Code
========================================================
Team Johnlong RaidenTunes 2.1.1 Remote XSS Vulnerability
========================================================


Title: Team Johnlong RaidenTunes 2.1.1 Remote Cross-Site Scripting Vulnerability
Vendor: RaidenFTPDteam / Team Johnlong Software
Product Web Page: http://www.raidentunes.com
 
 Summary: RaidenTunes is a Web server based + application software that
 allows You to setup an online music server quickly. It can scan the music
 folders in Your PC and organize them into a database, allowing users to
 connect to this server and browser/search and listen to the music easily.
 Interaction between users is also possible with built in message board for
 albums.
 
 Desc: RaidenTunes 2.1.1 suffers from a Cross-Site Scripting (XSS) vulnerability
 caused by improper validation of user-supplied input by the music_out.php
 script thru "p" param. A remote attacker could exploit this vulnerability
 to execute script in a victim's Web browser within the security context of
 the hosting Web site, allowing the attacker to steal the victim's cookie-based
 authentication credentials.
 
 Affected Version: 2.1.1
 
 Tested On: Microsoft Windows XP Professional SP3 (English)
 
 
 Vendor Status: [02.08.2010] - Vulnerability discovered.
                [02.08.2010] - Initial contact with the vendor.
                [02.08.2010] - Vendor replied asking for details.
                [02.08.2010] - Sent PoC to vendor.
                [02.08.2010] - Vendor confirms vulnerability.
                [04.08.2010] - Vendor releases version 2.1.2 to address this issue.
                [04.08.2010] - Public advisory released.
 
 
 Zero Science Lab Advisory ID: ZSL-2010-4947
 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4947.php
 
 
 Vulnerability Discovered By: Gjoko 'LiquidWorm' Krstic
 liquidworm gmail com
 
 Zero Science Lab
 http://www.zeroscience.mk
 
 02.08.2010
 
 
 
 Proof Of Concept:
 
 http://192.168.17.19/music_out.php?p=29%27%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
 http://192.168.17.19/music_out.php?p=%27%3Cscript%3Ealert%28document.cookie%29%3C/script%3E



#  0day.today [2018-01-03]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Aug 2010 00:00Current
7.1High risk
Vulners AI Score7.1
raidentunescross-site scriptingxssvulnerabilityremotemusic serverweb serverraidenftpdteamteam johnlong softwarezero science labgjoko krstic2.1.1pocmicrosoft windows xp
15