|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Seditio Cross Site Scripting Vulnerability
mail
yunusemreyilmaz.com
Date: Wed May 24 2006 - 10:18:26 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Advisory : Cross Site Scripting in Seditio (http://www.neocrome.net)
Release Date : 24/05/2005
Last Modified : 24/05/2005
Author : Yunus Emre Yilmaz ( http://yns.zaxaz.com)
Application : Seditio v102 ( maybe older versions)
Risk : Critical
Problem :
Ldu's logging all referer info for administrator.If an attacker change the referer value with malicious
js codes, the code will be executed in administration page.Referer info is coming from user and can be changed as everything.
Proof Of Concept :
I wrote a simple exploit which can be downloaded from here : http://yns.zaxaz.com/exploits/seditio-exploit.rar
Solution :
I wrote an unofficial security patch which can be downloaded from here : http://yns.zaxaz.com/security-patches/security-patches-seditio-v102-xss-patch.rar
(For offical patches : www.neocrome.net)
Original Advisory :
http://yns.zaxaz.com/advisories/seditio.txt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]