Archive for July, 2013

FluxBB 1.5.3 Multiple Remote Vulnerabilities

FluxBB suffers from a cross-site scripting, cross-site request forgery and URL redirect vulnerability. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Input passed via the ‘redirect_url’ parameter in ‘misc.php’ script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. It also fails to properly sanitize user-supplied input to the ‘form[board_title]’ POST parameter in the ‘admin_options.php’ script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user’s browser session.

fluxbb_xss

Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5150.php

Windu CMS 2.2 Multiple Stored XSS And CSRF Vulnerabilities

Windu CMS suffers from a cross-site request forgery vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Multiple stored XSS vulnerabilities exist when parsing user input to the ‘name’ and ‘username’ POST parameters. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user’s browser session.

Advisories:

Windu CMS 2.2 CSRF Add Admin Exploit
Windu CMS 2.2 Multiple Persistent Cross-Site Scripting Vulnerabilities

windu_xss

Cisco.com закрпен од XSS ранливост

Ранливост од типот XSS (Cross-Site Scripting) беше пронајдена на еден од под-домените на Cisco официјалната страница. Пронајдената ранливост (23.04.2013) веднаш беше пријавена до безбедносниот тим на Cisco кадешто одговорија веднаш и стапија во соработка со Zero Science Lab за креирање на закрпа.

Закрпата е имплементирана од 15 јули, 2013 година. Поздрав до Cisco Emergency Response Team ;]

cisco_xss1

Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Stored XSS Vulnerabilities

Barracuda SSL VPN suffers from multiple stored XSS vulnerabilities when parsing user input to several parameters via POST method. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user’s browser session.

Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5147.php

barr1_xss

barr2_xss

barr3_xss

barr4_xss

barr5_xss