Asbru Web Content Management System v9.2.7 Multiple Vulnerabilities

Title: Asbru Web Content Management System v9.2.7 Multiple Vulnerabilities
Advisory ID: ZSL-2016-5314
Type: Local/Remote
Impact: Cross-Site Scripting, Exposure of Sensitive Information, Spoofing
Risk: (3/5)
Release Date: 05.04.2016
Summary
Asbru Web Content Management System is a ready-to-use, full-featured, database-driven web content management system (CMS) with integrated community, database, e-commerce and statistics modules for creating, publishing and managing rich and user-friendly Internet, Extranet and Intranet websites.
Description
Asbru WCM suffers from multiple vulnerabilities including Cross-Site Request Forgery, Stored Cross-Site Scripting, Open Redirect and Information Disclosure.
Vendor
Asbru Ltd. - http://www.asbrusoft.com
Affected Version
9.2.7
Tested On
Apache Tomcat/5.5.23
Apache/2.2.3 (CentOS)
Vendor Status
[09.03.2016] Vulnerability discovered.
[16.03.2016] Vendor contacted.
[16.03.2016] Vendor responds asking for more details.
[16.03.2016] Sent details to the vendor.
[30.03.2016] Asked vendor for status update.
[04.04.2016] No response from the vendor.
[05.04.2016] Public security advisory released.
PoC
asbru_mv.txt
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] https://packetstormsecurity.com/files/136591
[2] https://cxsecurity.com/issue/WLB-2016040038
[3] https://www.exploit-db.com/exploits/39667/
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/112031
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/112035
[6] https://exchange.xforce.ibmcloud.com/vulnerabilities/112036
[7] https://exchange.xforce.ibmcloud.com/vulnerabilities/112037
Changelog
[05.04.2016] - Initial release
[06.04.2016] - Added references [1], [2] and [3]
[08.04.2016] - Added references [4], [5], [6] and [7]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk