TCExam $_SERVER[] Cross-Site Scripting Vulnerability
BID:23704
Info
| Bugtraq ID: | 23704 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 29 2006 12:00AM |
| Updated: | May 02 2007 09:09PM |
| Credit: | rgod is credited with the discovery of this vulnerability. |
| Vulnerable: | TCExam TCExam 4.0.11 |
| Not Vulnerable: | TCExam TCExam 4.1 |
Discussion
TCExam is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
TCExam 4.0.011 and prior versions are vulnerable.
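The advisory does not quote TCExam's source, so the following is an added illustration, not the project's code: it assumes the script path from `$_SERVER['SCRIPT_NAME']` is written into an HTML attribute, which is the context the proof-of-concept URI's `">` prefix targets. The function names `form_action_unsafe`, `form_action_safe` and `script_name_or_fallback` are hypothetical, and the tainted input is constructed to match the advisory's payload. It shows the unescaped pattern beside two defensive fixes: escaping for the attribute context, and refusing a `SCRIPT_NAME` value that does not look like a path.

```php
<?php
// Added example (not TCExam's code). Demonstrates the class of bug in the
// advisory: a $_SERVER value reflected into HTML without escaping.

// Assumed vulnerable pattern: the script path is interpolated directly into
// an attribute. A value containing a quote closes the attribute early.
function form_action_unsafe(array $server): string
{
    return '<form action="' . $server['SCRIPT_NAME'] . '" method="post">';
}

// Hardened: escape for the HTML attribute context. ENT_QUOTES also encodes
// single quotes, so the value is safe inside either quoting style.
function form_action_safe(array $server): string
{
    $script = htmlspecialchars($server['SCRIPT_NAME'] ?? '', ENT_QUOTES, 'UTF-8');
    return '<form action="' . $script . '" method="post">';
}

// Defence in depth: $_SERVER entries are not guaranteed to be server-controlled
// (the advisory's proof of concept supplies SCRIPT_NAME through the query
// string), so accept only a plausible path and otherwise use a fixed fallback.
function script_name_or_fallback(array $server, string $fallback = '/index.php'): string
{
    $name = $server['SCRIPT_NAME'] ?? '';
    return preg_match('#\A/[A-Za-z0-9_./-]*\z#', $name) === 1 ? $name : $fallback;
}

// Constructed input mirroring the advisory's payload (not captured traffic).
$tainted = ['SCRIPT_NAME' => '"><script>alert(document.cookie)</script>'];

echo form_action_unsafe($tainted), "\n";      // attribute is broken out of
echo form_action_safe($tainted), "\n";        // quotes and brackets become entities
echo script_name_or_fallback($tainted), "\n"; // value rejected, fallback used
```

Run it with `php example.php` to compare the three outputs. The escaping fix alone closes the XSS; the allow-list is useful where the path is reused in redirects or other non-HTML contexts that `htmlspecialchars` does not cover.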
Exploit / POC
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://www.example.com/[path]/public/code/index.php?_SERVER[SCRIPT_NAME]="><script>alert(document.cookie)</script>
Solution / Fix
Solution:
The vendor has released version 4.1.000, which addresses this issue. Please see the references for more information.
TCExam TCExam 4.0.11
- TCExam tcexam_4_1_000.zip: http://downloads.sourceforge.net/tcexam/tcexam_4_1_000.zip?modtime=1177956448&big_mirror=0
References
References:
- TCExam 4.1.000 new release with security fixes. (TCExam)
- TCExam Homepage (TCExam)