############################### HUT CNIS #############################
# Exploit Title: Claroline CMS stored XSS Vulnerability
# Date: [2011/10/19]
# Author: S.Azadi
# Google Dork: intext:Powered by Claroline 2001 - 2009
# Vulnerability Type: Stored XSS
# Version: Claroline © 2001 – 2009
#---------------------------------------------------------------------
Technical Details:

PoC:
Once you create a free account and log in to your account on Claroline, go to the option for editing your personal information:

http://sitename and default path/claroline/auth/profile.php

Now edit your Name and First name with javascript code:

With this vulnerability you can access the admin cookie and log in as the admin.

sample:
http://www.econdu.ac.bd/claroline192/ || username: dark.shadow / password: 123456
http://www.interlink.edu/claroline/uncg/ || username: dark.shadow / password: 123456
#
#
#
###########-HUT Center for Network and Information Security-################
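
The fix for the stored XSS described above, as an added example that is not part of the original advisory and is not Claroline source code: the profile name fields are encoded at output time, validated on input, and the session cookie is hidden from script. All function names, the array keys and the sample values are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example; not Claroline source. All names here are hypothetical.

// Constructed stored profile row, as if saved through auth/profile.php.
$profile = [
    'lastName'  => '<script>alert(1)</script>', // constructed test value
    'firstName' => "O'Brien",                   // legitimate name with a quote
];

// Vulnerable pattern: the stored value reaches the HTML page unchanged.
function renderUserRowUnsafe(array $p): string
{
    return '<td>' . $p['lastName'] . ' ' . $p['firstName'] . '</td>';
}

// Hardened pattern: encode for the HTML context every time the value is output.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function renderUserRowSafe(array $p): string
{
    return '<td>' . h($p['lastName']) . ' ' . h($p['firstName']) . '</td>';
}

// Defence in depth on input: letters, combining marks, space, apostrophe, dot, hyphen only.
function isAcceptableName(string $s): bool
{
    return strlen($s) <= 120 && preg_match('/^[\p{L}\p{M}\' .-]+$/u', $s) === 1;
}

// Limits cookie theft if an XSS remains: the session cookie is not readable by script.
function hardenedSessionCookieParams(): array
{
    return ['path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax'];
}

if (PHP_SAPI === 'cli') {
    echo renderUserRowUnsafe($profile), PHP_EOL; // markup passes through intact
    echo renderUserRowSafe($profile), PHP_EOL;   // markup is rendered as inert text
    var_dump(isAcceptableName($profile['lastName']), isAcceptableName($profile['firstName']));
    // In the application, before session_start():
    // session_set_cookie_params(hardenedSessionCookieParams());
}
```

Output encoding is the actual fix; the input check and the HttpOnly flag only reduce exposure if some output path is missed.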