Calendar Script E.M.M.A 1.2 Cross Site Scripting

Calendar Script E.M.M.A 1.2 Cross Site Scripting: Posted Jan 14, 2013; Authored by Viknesvaran Sittaramane; Calendar Script Easy Membership Management Application version 1.2 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 16f16c1618bc031526405b1143082ceb9cb684dba30f827742446c5badeaceb5; Download | Favorite | View

Calendar Script E.M.M.A 1.2 Cross Site Scripting

Advisory:Calendar Script Easy Membership Management Application(E.M.M.A) Persistent XSS Vulnerability
Version:1.2
Vendor URL: http://calendarscripts.info/emma/
Demo Link: http://demo.pimteam.net/emma/admin.php

Author: Viknesvaran Sittaramane
Category: Webapp  
Twiiter: https://twitter.com/csvsn
 
~.~.~.~.~.~.~.~.~.~.~.
Product Description
~.~.~.~.~.~.~.~.~.~.~.

E.M.M.A. Is Easy Membership Management Application

Features:
Create different subscription plans
Select subscription plan for every content
Upload protected pages, images and downloadable files
Your users can renew or upgrade their subscriptions any time
~.~.~.~.~.~.~.~.~.~.~.
Vulnerability Description
~.~.~.~.~.~.~.~.~.~.~.
 
 E.M.M.A multiple fields suffers from Persistent XSS Vulnerability

~.~.~.~.~.~.
PoC-Exploit
~.~.~.~.~.~.

----------------------
Front End of E.M.M.A :
----------------------
Step1: Go to the Registration form

Registration Demo url : http://demo.pimteam.net/emma/index.php?action=register

Step2: On the fields Name, Address, Buiness name,Tel, Mob, Test Field, Association enter the malicious script then SIGN UP

Step3: Login using the registered email and password -> Go to Edit Profile -> Pop Up Appears

Step4: Persistant XSS Confirmed

Parameter used : '"--><script>alert(0x000872)</script>

Screenshot: http://i47.tinypic.com/wvve4o.png

--------------------------------
Administrator Panel of E.M.M.A :
--------------------------------
Demo URL for E.M.M.A Administrator Panel : http://demo.pimteam.net/emma/admin.php?1358152765

Step1: Login to E.M.M.A

Step2:Under Manage users Tab (Manage users)
  a.Edit any Username and replace username with a malicious script and Save it (Same goes to Create new user)
  b. A Pop up appears -> Persistent XSS

Step3:Under Manage Site Tab (Content Categories) 
  a.Under name field insert a malicious script and Save it (Add Category)
  b. A Pop up appears -> Persistent XSS

Step4:Under Manage Site Tab (Manage Contents->Click here to Upload Contents) 
  a.Content/page title and description field insert a malicious script and Save it (Add Plan)
  b. A Pop up appears -> Persistent XSS


Step5:Under Manage Site Tab (Subscription Plans) 
  a.Under Plane name field insert a malicious script and Save it 
  b. A Pop up appears -> Persistent XSS
  

Parameter used : '"--><script>alert(0x000872)</script>
~.~.~.~.~.~.~.~.~.~.
Disclosure Timeline
~.~.~.~.~.~.~.~.~.~.

14th January 2013 -> Vendor Notified

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Calendar Script E.M.M.A 1.2 Cross Site Scripting

Calendar Script E.M.M.A 1.2 Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Calendar Script E.M.M.A 1.2 Cross Site Scripting

Share This

Calendar Script E.M.M.A 1.2 Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems