Home / os / solaris

jetboxcms-xss.txt

Posted on 17 May 2007

hi there jetbox cms is also vulnerable to severals xss GET: http://127.0.0.1/jetbox/index.php/view/search/?path=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=[xss]http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=1&recipient=jetbox@localhost.com&required=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=1&recipient=jetbox@localhost.com&required=firstname,surname,email,companyname,country,workphone,title,topic,website,text&signupsubmit=true&subject=News&submit=Send&surname=[xss] http://127.0.0.1/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=1&recipient=jetbox@localhost.com&required=firstname,surname,email,companyname,country,workphone,title,topic,website,text&signupsubmit=true&subject=News&submit=Send&surname=1&text=1&title=[xss] shell upload: you can upload any kind of file if you have some authors privileges. your file will be located here: ./jetbox/webfiles/yourfile.php solution: 1) xss --> use: http://us.php.net/manual/en/function.htmlentities.php 2) upload script : --> allow only certains extension like : txt,mp3,zip,rar,pdf,odt,doc...etc... regards laurent gaffié.

 

TOP