Dijitals CMS Cross Site Scripting Vulnerability

2010-06-11 14:02:08

# Exploit Title: Dijitals CMS XSS Vulnerabilities
# Date: 10.06.2010
# Author: Valentin
# Category: webapps/0day
# Version: latest version
# Tested on:
# CVE :
# Code :


[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
>> General Information
Advisory/Exploit Title = Dijitals CMS XSS Vulnerabilities
Author = Valentin Hoebel
Contact = [email protected]


[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
>> Product information
Name = Dijitals CMS
Vendor = Dijitals
Vendor Website = http://www.dijitals.com/
Affected Version(s) = latest version


[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
>> XSS
All input fields are vulnerable, e.g. search boxes and forms. The login box
of the admin panel is also exposed to XSS attacks.


[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
>> Additional Information
Advisory/Exploit Published = 10.06.2010
Several filters try to avoid XSS, SQL injection and local + remote file inclusions.
The XSS filters can be tricked by e.g. using String.fromCharCode.


[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
>> Misc
Greetz && Thanks = hack0wn, JosS


[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]

Fixes

No fixes

In order to submit a new fix you need to be registered.