CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities

Title: CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities
Advisory ID: ZSL-2013-5136
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 14.04.2013
Summary
CMSLogik is built on a solid and lightweight framework called CodeIgniter, with a design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into.
Description
CMSLogik suffers from multiple stored (persistent) XSS vulnerabilities: user input submitted to several parameters via the POST method is saved and later rendered without being encoded. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.
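The following is an added illustration, not code from CMSLogik, CodeIgniter or the advisory: it shows the general stored-XSS pattern the description refers to (a value submitted via POST is saved and later echoed into a page as-is) next to the output-encoding fix. The field name `site_title` and the stored value are constructed placeholders; the advisory does not name the affected parameters.

```php
<?php
// Added illustration (not CMSLogik's or CodeIgniter's code): the persistent
// XSS pattern behind this class of finding, beside the output-encoding fix.

// Constructed stand-in for the application's database: a value a user sent
// via POST earlier and the CMS saved verbatim. The field name is hypothetical.
$stored = [
    'site_title' => 'My Site <script>alert(1)</script>',
];

// Vulnerable pattern: the saved value is concatenated straight into HTML, so
// any markup the original POST carried executes in every visitor's browser.
function render_unsafe(array $row): string
{
    return '<h1>' . $row['site_title'] . '</h1>';
}

// Hardened pattern: encode for the HTML context at the point of output.
// ENT_QUOTES also covers attribute values; ENT_SUBSTITUTE avoids returning an
// empty string on malformed UTF-8, which would otherwise silently drop content.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_safe(array $row): string
{
    return '<h1>' . esc($row['site_title']) . '</h1>';
}

// Simple self-check: the hardened output must not contain a raw '<' from the
// stored value, while the unsafe output does.
function is_hardened(string $html): bool
{
    return strpos($html, '<script') === false;
}

echo render_unsafe($stored), PHP_EOL;
echo render_safe($stored), PHP_EOL;
var_dump(is_hardened(render_unsafe($stored)));   // unsafe render fails the check
var_dump(is_hardened(render_safe($stored)));     // hardened render passes
```

The key point for a persistent XSS is that the dangerous step is the render, not the save: the value may have entered the database long before it is displayed, possibly through a path that bypassed any input filter, so encoding must happen on every output of stored data, chosen for the context it lands in (HTML text, attribute, JavaScript, URL). CodeIgniter's input filtering (`xss_clean`) can serve as a second layer, but it is not a substitute for context-aware output encoding.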
Vendor
ThemeLogik - http://www.themelogik.com/cmslogik
Affected Version
1.2.1 and 1.2.0
Tested On
Router Webserver
Vendor Status
[05.04.2013] Vulnerability discovered.
[05.04.2013] Vendor contacted.
[05.04.2013] Vendor replies asking for more details.
[05.04.2013] Detailed information sent to the vendor.
[08.04.2013] Vendor confirms the issues and promises a patch.
[14.04.2013] Public security advisory released.
PoC
cmslogik_xss.txt
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://cxsecurity.com/issue/WLB-2013040105
[2] http://www.exploit-db.com/exploits/24959/
[3] http://packetstormsecurity.com/files/121303
[4] http://osvdb.org/show/osvdb/92322
[5] http://osvdb.org/show/osvdb/92323
[6] http://osvdb.org/show/osvdb/92324
[7] http://osvdb.org/show/osvdb/92325
[8] http://osvdb.org/show/osvdb/92326
[9] http://xforce.iss.net/xforce/xfdb/83429
[10] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-3535
[11] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3535
Changelog
[14.04.2013] - Initial release
[15.04.2013] - Added reference [1] and [2]
[16.04.2013] - Added reference [3], [4], [5], [6], [7] and [8]
[19.04.2013] - Added reference [9]
[14.05.2013] - Added reference [10] and [11]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk