Bugtraq: Re: [KAPDA::#27] - Runcms 1.x Cross_Site

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: [KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability

From: roozbeh_afrasiabi () yahoo com
Date: 1 Mar 2006 23:56:45 -0000

[ADDITIONS AND CORRECTIONS]

Detail and PoC :
--------------------

The application does not validate the "lid" variable upon submission to ratelink.php(*) and ratefile.php.

h**p://[target]/public/modules/mylinks/ratelink.php?lid={number}">[code]

h**p://[target]/public/modules/downloads/ratefile.php?lid={number}">[code]

--------------------
(*)ratelink.php was later found to be vulnerable too.

By Date By Thread

Current thread:

Re: [KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability roozbeh_afrasiabi (Mar 02)