GaliX Index.PHP Multiple Cross Site Scripting Vulnerabilities

Bugtraq ID:	24066
Class:	Input Validation Error
CVE:	CVE-2007-2806
Remote:	Yes
Local:	No
Published:	May 21 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	John Martinelli is credited with the discovery of these vulnerabilities.
Vulnerable:	GaliX GaliX 2.0
Not Vulnerable:

GaliX Index.PHP Multiple Cross Site Scripting Vulnerabilities

GaliX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

GaliX 2.0 is vulnerable to these issues; other versions may also be affected.

GaliX Index.PHP Multiple Cross Site Scripting Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept code is available:

• /data/vulnerabilities/exploits/GaliX_XSS_exp.html

GaliX Index.PHP Multiple Cross Site Scripting Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

GaliX Index.PHP Multiple Cross Site Scripting Vulnerabilities

References:

• GaliX² v2.0 - Cross-Site Scripting Exploit (RedLevel)
  
• Vendor Homepage (GaliX)