Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24190
HistoryJul 08, 2010 - 12:00 a.m.

Exponent Slideshow XSS Vulnerability

2010-07-0800:00:00
vulners.com
29
JSON

Title: Exponent Slideshow XSS Vulnerability
Vendor: Exponent
Product: Exponent CMS
Tested Version: 0.97.0
Threat Class: XSS
Severity: High
Remote: yes
Local: no
Discovered By: Andrei Rimsa Alvares

===== Description =====

The file "modules/slideshowmodule/slideshow.js.php" is prone to XSS vulnerabilities. Multiple instance of
variable $_GET['u'] gets outputted to the page without proper sanitization.

===== Impact =====

Malicious java script code can be executed in the context of the affected web site.

===== Proof of Concept =====

http://target/modules/slideshowmodule/slideshow.js.php?u=%3Cscript%3Ewindow.alert(String.fromCharCode(88,83,83));%3C/script%3E

===== Workaround =====

No workaround is available at the time.

===== Disclosure Timeline =====

June, 16 2010 - Vendor notification.
July, 07 2010 - No vendor reply. Public disclosure.

===== References =====

http://www.exponentcms.org

Hotmail: Powerful Free email with security by Microsoft.
https://signup.live.com/signup.aspx?id=60969

JSON