TUCoPS :: Web :: CMS / Portals :: tb10639.htm


   .      .        .  
._ | _.  .|_  _. _.;_/
[_)|(_]\_|[ )(_](_.| \.net
|      ._|            
"SineCms Version 2.3.4 - Non-Persistent XSS Vulnerability"
	by Nexus

1) Infos
Date            : 2007-04-26 (ISO 8601)
Product         : SineCms
Version         : 2.3.4 (last), prior versions may also be affected
Vendor : http://sourceforge.net/projects/sine - http://www.sinecms.net 
Vendor Status   : 2007-04-26 - Informed!

Description     : SineCms is a management software for international communication 
		  based on hypertext.

Google Dork     : "SineCms Version: 2.3.4"

Source          : nexus
E-mail          : nexus[at]playhack[dot]net
Team            : Playhack.net Security

2) Security Issues
The core module for Search engine is affected by a Non-Persistent Cross-Site Scripting
The source in "mods/Core/result.php" doesn't properly sanitize the input of the user
and just get the submitted text without any previous check on the content.
The affected variable is $_GET['stringa'], as a matter of fact if we try to insert a
string like:
The website will retrieve an url like:

And it executes the JavaScript code.
The script makes only a check on apex, that can be simply avoided executing for 
example a remote script like

It's easy to guess that this kind of vulnerability can be used to accomplish some
Phishing attacks, or whatever can be disfruted from an XSS flaw.

3) Patch

Edit the core source code and sanitize properly the inputted data.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986- AOH