SixCMS List.PHP Cross-Site Scripting Vulnerability
BID:18393
CVE-2006-3051 |Info
SixCMS List.PHP Cross-Site Scripting Vulnerability
| Bugtraq ID: | 18393 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 12 2006 12:00AM |
| Updated: | Jun 19 2006 05:55PM |
| Credit: | David "Aesthetico" Vieira-Kurz is credited with the discovery of this vulnerability. |
| Vulnerable: |
Six Offene Systeme GmbH SixCMS 6.0 |
| Not Vulnerable: |
Six Offene Systeme GmbH SixCMS 6.0.6 patch2 |
Discussion
SixCMS List.PHP Cross-Site Scripting Vulnerability
SixCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
SixCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
SixCMS List.PHP Cross-Site Scripting Vulnerability
This issue can be exploited through a web client.
The following proof-of-concept URI is available:
This issue can be exploited through a web client.
The following proof-of-concept URI is available:
Solution / Fix
SixCMS List.PHP Cross-Site Scripting Vulnerability
Solution:
The vendor has addressed this issue in version 6.0.6 patch2. Please contact the vendor for details on obtaining the appropriate updates.
Solution:
The vendor has addressed this issue in version 6.0.6 patch2. Please contact the vendor for details on obtaining the appropriate updates.
References
SixCMS List.PHP Cross-Site Scripting Vulnerability
References:
References:
- [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabi (David "Aesthetico" Vieira-Kurz)
- SixCMS Homepage (Six Offene Systeme GmbH)
- Re: [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulne ([email protected])