Xoops NewList.PHP Cross-Site Scripting Vulnerability
BID:20927
Info
Xoops NewList.PHP Cross-Site Scripting Vulnerability
| Bugtraq ID: | 20927 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 06 2006 12:00AM |
| Updated: | Nov 13 2006 10:21PM |
| Credit: | CvIr.System <CvIr.System[at]gmail.com> is credited with the discovery of this vulnerability. |
| Vulnerable: |
Xoops Xoops 1.0 SmartFactory WF-Downloads 2.0.5 SmartFactory WF-Downloads 2.05b |
| Not Vulnerable: |
SmartFactory WF-Downloads 3.1 |
Discussion
Xoops NewList.PHP Cross-Site Scripting Vulnerability
Xoops is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Version 1.0 is vulnerable; other versions may also be affected.
Xoops is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Version 1.0 is vulnerable; other versions may also be affected.
Exploit / POC
Xoops NewList.PHP Cross-Site Scripting Vulnerability
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.
The following proof-of-concept URI is available:
http://www.example.com/modules/wfdownloads/newlist.php?newdownloadshowdays=[XSS]
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.
The following proof-of-concept URI is available:
http://www.example.com/modules/wfdownloads/newlist.php?newdownloadshowdays=[XSS]
Solution / Fix
Xoops NewList.PHP Cross-Site Scripting Vulnerability
Solution:
The vendor has released version 3.1 to address this issue; please see the reference section for details.
SmartFactory WF-Downloads 2.05b
SmartFactory WF-Downloads 2.0.5
Solution:
The vendor has released version 3.1 to address this issue; please see the reference section for details.
SmartFactory WF-Downloads 2.05b
-
Xoops xoops2_mod_wfdownloads_3.1_final_smartfactory.zip
http://smartfactory.ca/uploads/xoops2_mod_wfdownloads_3.1_final_smartf actory.zip
SmartFactory WF-Downloads 2.0.5
-
Xoops xoops2_mod_wfdownloads_3.1_final_smartfactory.zip
http://smartfactory.ca/uploads/xoops2_mod_wfdownloads_3.1_final_smartf actory.zip
References
Xoops NewList.PHP Cross-Site Scripting Vulnerability
References:
References:
- WF-Downloads Homepage (SmartFactory)
- XOOPS Web Site (XOOPS)