XAMPP 1.7.7 Multiple URI Based Cross-Site Scripting Vulnerabilities

2011-11-07T00:00:00
ID ZSL-2011-5054
Type zeroscience
Reporter Gjoko Krstic
Modified 2011-11-07T00:00:00

Description

Title: XAMPP 1.7.7 Multiple URI Based Cross-Site Scripting Vulnerabilities
Advisory ID: ZSL-2011-5054
Type: Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 07.11.2011

Summary

XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl.

Description

XAMPP suffers from multiple XSS issues in several scripts that use the 'PHP_SELF' variable. The vulnerabilities can be triggered in the 'xamppsecurity.php', 'cds.php' and 'perlinfo.pl' because there isn't any filtering to the mentioned variable in the affected scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

Vendor

Apache Friends - <http://www.apachefriends.org>

Affected Version

1.7.7 (Windows)

Tested On

Microsoft Windows XP Professional SP3 (EN)

Vendor Status

N/A

PoC

xampp_xss.txt

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] <http://packetstormsecurity.org/files/106685>
[2] <http://www.securityfocus.com/bid/50564>
[3] <http://securityreason.com/wlb_show/WLB-2011110029>
[4] <http://xforce.iss.net/xforce/xfdb/71168>

Changelog

[07.11.2011] - Initial release
[09.11.2011] - Added reference [3] and [4]

Contact

Zero Science Lab

Web: <http://www.zeroscience.mk>
e-mail: lab@zeroscience.mk

                                        
                                            &lt;html&gt;&lt;head&gt;&lt;title&gt;403 Nothing to see.&lt;/title&gt;
&lt;link rel="Shortcut Icon" href="favicon.ico" type="image/x-icon"&gt;
&lt;style type="text/css"&gt;
&lt;!--
body {
	background-color: #000;
}
body,td,th {
	font-family: Verdana, Geneva, sans-serif;
}
a:link {
	color: #008FEF;
	text-decoration: none;
}
a:visited {
	color: #008FEF;
	text-decoration: none;
}
a:hover {
	text-decoration: underline;
	color: #666;
}
a:active {
	text-decoration: none;
}
--&gt;
&lt;/style&gt;
&lt;/head&gt;
&lt;body bgcolor=black&gt;
&lt;center&gt;
&lt;font color="#7E88A3" size="2"&gt;
&lt;br /&gt;&lt;br /&gt;
&lt;h1&gt;403 Nothing to see.&lt;/h1&gt;

You do not have the powah for this request /403.shtml&lt;br /&gt;&lt;br /&gt;
&lt;font size="2"&gt;&lt;a href="https://www.zeroscience.mk"&gt;https://www.zeroscience.mk&lt;/a&gt;&lt;/font&gt;
&lt;/font&gt;&lt;/center&gt;
&lt;/body&gt;&lt;/html&gt;