Expinion.net Member Management System Multiple Cross-Site Scripting Vulnerabilities
BID:9932
Info
| Bugtraq ID: | 9932 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 20 2004 12:00AM |
| Updated: | Mar 20 2004 12:00AM |
| Credit: | Discovery is credited to Manuel Lopez. |
| Vulnerable: | Expinion.net Member Management System 2.1 |
| Not Vulnerable: | Expinion.net Member Management System 2.2 |
Discussion
It has been reported that a number of Member Management System scripts are prone to cross-site scripting vulnerabilities. These issues are reportedly due to a failure to sanitize user input, so HTML and script code supplied by a remote user is reflected back to the browser and may facilitate cross-site scripting attacks. The issues are reported to affect the 'err' parameter of the 'error.asp' script and the 'register.asp' script.
Member Management System version 2.1 has been reported to be affected by this issue; however, other versions may be vulnerable as well.
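The following is an added illustration, not code from Expinion.net or from the advisory: a constructed template that reflects the 'err' value into an HTML attribute unencoded, beside the attribute-context encoding that prevents breakout, plus a detection pass over constructed IIS-style log lines (simplified layout: date time client-ip method uri-stem uri-query) that flags error.asp requests whose decoded 'err' value carries markup characters.

```python
import html
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Constructed template: reflects the 'err' query value into an attribute
# without encoding (the defect class the advisory describes).
def render_error_vulnerable(err):
    return '<input type="text" name="err" value="' + err + '">'

# Hardened form: encode for the HTML attribute context before reflecting.
# quote=True turns " into &quot; and < > into &lt; &gt;, so the value can
# neither close the attribute nor open a new tag.
def render_error_hardened(err):
    return '<input type="text" name="err" value="' + html.escape(err, quote=True) + '">'

class TagCollector(HTMLParser):
    """Records every start tag and the decoded value attribute of <input>."""
    def __init__(self):
        super().__init__()
        self.tags, self.value = [], None
    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == 'input':
            self.value = dict(attrs).get('value')

def parse_markup(markup):
    # Returns (start tags seen, decoded value of the <input>); a reflected
    # value must never add a tag beyond the single <input> in the template.
    p = TagCollector()
    p.feed(markup)
    p.close()
    return p.tags, p.value

# Detection side. Constructed log lines (not real traffic), simplified W3C
# layout: date time client-ip method uri-stem uri-query.
SUSPICIOUS = re.compile(r'["<>]')
LOG_LINES = [
    '2004-03-20 10:15:01 192.0.2.10 GET /error.asp err=Invalid+login',
    '2004-03-20 10:15:07 192.0.2.25 GET /error.asp err=%22%3E%5BXSS%5D',
    '2004-03-20 10:15:09 192.0.2.25 GET /register.asp -',
    '2004-03-20 10:16:02 192.0.2.31 GET /Error.asp err=%3Cb%3Ex%3C%2Fb%3E',
]

def flag_err_requests(lines):
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 6:
            continue
        client, stem, query = parts[2], parts[4], parts[5]
        if stem.lower() != '/error.asp' or query == '-':
            continue
        for value in parse_qs(query).get('err', []):  # parse_qs percent-decodes
            if SUSPICIOUS.search(value):
                hits.append((client, value))
    return hits
```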
Exploit / POC
No exploit is required.
The following proof of concept has been provided:
http://www.example.com/error.asp?err=">[XSS]
In the register form: "><iframe src=http://www.example.com/admin/user_del.asp?ID=[ID to delete]>
Solution / Fix
Solution:
Expinion.net has released Member Management System 2.2 to address these issues. Please contact the vendor to obtain the fixed version.