[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability
From: roozbeh_afrasiabi@xxxxxxxxx
Date: 1 Mar 2006 23:56:45 -0000

[ADDITIONS AND CORRECTIONS]

Detail and PoC :
--------------------

The application does not validate the "lid" variable upon submission to 
ratelink.php(*) and ratefile.php.

h**p://[target]/public/modules/mylinks/ratelink.php?lid={number}">[code]

h**p://[target]/public/modules/downloads/ratefile.php?lid={number}">[code]

--------------------
(*)ratelink.php was later found to be vulnerable too.

Prev by Date: [FLSA-2006:178989] Updated perl-DBI package fixes security issue
Next by Date: [OSX]: /usr/bin/passwd local root exploit.
Previous by thread: [FLSA-2006:178989] Updated perl-DBI package fixes security issue
Next by thread: [OSX]: /usr/bin/passwd local root exploit.
Index(es):
- Date
- Thread