===============================================================
PHP Calendar Script Remote XSS (Permanent) Vulnerabilities
===============================================================

,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'

AUTHOR : CWH Underground
DATE : 28 September 2008
SITE : cwh.citec.us


#####################################################
APPLICATION : PHP Calendar Script
VERSION : 6.3.25
VENDOR : www.easyphpcalendar.com
DOWNLOAD : http://www.easyphpcalendar.com/freeDownload.php
#####################################################



--- Permanent Cross Site Scripting ---

-----------------
Vulnerable Page
-----------------

[+]http://[Target]/[path]/events/index.php?PHPSESSID=[md5number]&add=1

Ex:

[+]http://[Target]/[path]/events/index.php?PHPSESSID=e99299396b831fe9226b7d5de21edaff&add=1

This page is used to add a new event and contains a "Details:" field intended for the description of the event.
JavaScript injected into this field is stored by the application, resulting in a stored (permanent) XSS.

-----------------
Example code
-----------------

Details:



Note : - [md5number] is the session id, which is generated automatically after login
- The user account must first be added by the Master Administrator
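The defender's side of the issue above, as an added illustration that is not PHP Calendar Script's own code: the advisory describes a "Details:" value that is stored and later rendered into HTML unchanged. The snippet below assumes exactly that (an in-memory array stands in for the real database, and the function names are this example's own) and places the vulnerable rendering next to the hardened one, which encodes every user-controlled value for an HTML text context with htmlspecialchars.

```php
<?php
// Added illustration, not code from PHP Calendar Script.
// Assumption: the application stores the submitted "details" text and later
// echoes it into an HTML page. The array below stands in for its database.

declare(strict_types=1);

/** Constructed sample submissions; the second one carries markup. */
function sampleSubmissions(): array
{
    return [
        ['title' => 'Team sync', 'details' => 'Room 4, bring the Q3 numbers'],
        ['title' => 'Offsite',   'details' => '<b>Mandatory</b> & fun <script>/* constructed marker */</script>'],
    ];
}

/** Vulnerable rendering: stored text is interpolated into HTML unchanged,
 *  so any markup a logged-in user saved is executed by every later viewer. */
function renderEventVulnerable(array $event): string
{
    return "<li><strong>{$event['title']}</strong>: {$event['details']}</li>";
}

/** HTML text-context encoder. ENT_QUOTES also covers attribute contexts,
 *  ENT_SUBSTITUTE avoids silently dropping output on invalid UTF-8. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Hardened rendering: every user-controlled value passes through h(). */
function renderEventSafe(array $event): string
{
    return '<li><strong>' . h($event['title']) . '</strong>: ' . h($event['details']) . '</li>';
}

/** Review/test helper: does the rendered fragment still contain a raw
 *  executable tag that came from user input? (Not a substitute for encoding.) */
function containsRawTag(string $html): bool
{
    return (bool) preg_match('/<(script|img|iframe|svg|object)\b/i', $html);
}

foreach (sampleSubmissions() as $event) {
    $vuln = renderEventVulnerable($event);
    $safe = renderEventSafe($event);
    printf("vulnerable: %s\n  raw tag present: %s\n", $vuln, containsRawTag($vuln) ? 'yes' : 'no');
    printf("hardened:   %s\n  raw tag present: %s\n", $safe, containsRawTag($safe) ? 'yes' : 'no');
}
```

Encoding at output time is the fix that holds regardless of how the value entered the database; if the product genuinely needs to allow some markup in event details, the right tool is an HTML sanitizer with an allow-list, not a blacklist of tags like the detector above, which exists only to make the difference between the two renderings visible.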


#####################################################################
Greetz : ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos
Special Thx : asylu3, str0ke, citec.us, milw0rm.com
#####################################################################