Ajaxel CMS 8.0 Multiple Vulnerabilities
Title: Ajaxel CMS 8.0 Multiple Vulnerabilities
Advisory ID: ZSL-2016-5320
Type: Local/Remote
Impact: Cross-Site Scripting, Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data
Risk: (4/5)
Release Date: 06.05.2016
MySQL 5.5.46
[14.04.2016] Vendor contacted.
[18.04.2016] Vendor releases version 8.1 to address these issues.
[05.05.2016] Public security advisory released.
[2] https://www.exploit-db.com/exploits/39781/
[3] https://packetstormsecurity.com/files/136998
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/113163
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/113164
[6] https://exchange.xforce.ibmcloud.com/vulnerabilities/113165
[7] https://exchange.xforce.ibmcloud.com/vulnerabilities/113166
[07.05.2016] - Added reference [1]
[21.05.2016] - Added reference [2], [3], [4], [5], [6] and [7]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2016-5320
Type: Local/Remote
Impact: Cross-Site Scripting, Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data
Risk: (4/5)
Release Date: 06.05.2016
Summary
Ajaxel CMS is very simple ajaxified CMS and framework for any project needs.Description
Ajaxel CMS version 8.0 and below suffers from multiple vulnerabilities inlcuding LFI, XSS, SQL injection and remote code execution via CSRF.Vendor
Ajaxel - http://www.ajaxel.comAffected Version
8.0 and belowTested On
Apache 2.4.10MySQL 5.5.46
Vendor Status
[13.04.2016] Vulnerabilities discovered.[14.04.2016] Vendor contacted.
[18.04.2016] Vendor releases version 8.1 to address these issues.
[05.05.2016] Public security advisory released.
PoC
ajaxelcms_mv.txtCredits
Vulnerability discovered by Krzysztof Kosinski - <dizzyduck@zeroscience.mk>References
[1] https://cxsecurity.com/issue/WLB-2016050027[2] https://www.exploit-db.com/exploits/39781/
[3] https://packetstormsecurity.com/files/136998
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/113163
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/113164
[6] https://exchange.xforce.ibmcloud.com/vulnerabilities/113165
[7] https://exchange.xforce.ibmcloud.com/vulnerabilities/113166
Changelog
[06.05.2016] - Initial release[07.05.2016] - Added reference [1]
[21.05.2016] - Added reference [2], [3], [4], [5], [6] and [7]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
