Advisory: Baby Gekko v1.2.0 Multiple XSS vulnerabilities
Advisory ID: SSCHADV2012-012
Author: Stefan Schurtz
Affected Software: Successfully tested on Baby Gekko v1.2.0
Vendor URL: http://www.babygekko.com/
Vendor Status: informed
==========================
Vulnerability Description
==========================
Baby Gekko v1.2.0 is prone to multiple cross-site scripting (XSS) vulnerabilities.
==================
PoC-Exploit
==================
http://[target]/gekkocms/users/action/register
Reflected XSS (Tested on WinXP with IE8)
Desired Username '"/>
E-mail address '"/>
Password '"/>
Verify Password '"/>
First Name '"/>
Last Name '"/>
Reflected XSS (Tested on WinXP with FF7.0.1 and FF12)
When the username or the e-mail address already exists, the following XSS are also possible:
Desired Username
E-mail address
Password '"/>
Verify Password '"/>
First Name '"/>
Last Name '"/>
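Added example, not part of the original advisory and not Baby Gekko's own code: the '"/> prefix in the field values above closes a quoted attribute and its tag, which suggests (an assumption) that the registration form copies submitted values back into value="..." attributes. The Python below, with hypothetical input names and a constructed harmless probe string, contrasts that re-display with one that encodes for the attribute context and does not echo the password fields.

```python
import html
from html.parser import HTMLParser

# Labels come from the advisory; the input names are hypothetical.
FIELDS = [
    ("username", "Desired Username", "text"),
    ("email", "E-mail address", "text"),
    ("password", "Password", "password"),
    ("verify_password", "Verify Password", "password"),
    ("firstname", "First Name", "text"),
    ("lastname", "Last Name", "text"),
]
ROW = '<label>{label} <input type="{kind}" name="{name}" value="{value}"></label>'

def render_vulnerable(submitted):
    """Re-display the form with every submitted value copied in verbatim."""
    return "\n".join(ROW.format(label=label, kind=kind, name=name,
                                value=submitted.get(name, ""))
                     for name, label, kind in FIELDS)

def render_hardened(submitted):
    """Encode values for the attribute context; never echo password fields."""
    rows = []
    for name, label, kind in FIELDS:
        raw = "" if kind == "password" else submitted.get(name, "")
        # quote=True also encodes " and ', so the value cannot end the attribute.
        rows.append(ROW.format(label=label, kind=kind, name=name,
                               value=html.escape(raw, quote=True)))
    return "\n".join(rows)

class _Inputs(HTMLParser):
    """Collect the value attribute an HTML parser sees for each input tag."""
    def __init__(self):
        super().__init__()
        self.values = {}

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            attrs = dict(attrs)
            self.values[attrs.get("name")] = attrs.get("value")

def parsed_values(markup):
    parser = _Inputs()
    parser.feed(markup)
    return parser.values

# Constructed input: the advisory's prefix followed by a harmless marker string.
SAMPLE = {"username": "'\"/>PROBE", "email": "a@example.test", "password": "'\"/>PROBE"}
```

In the vulnerable rendering the parser sees the username value cut off at the first double quote and the rest of the input lands in the page as markup; in the hardened rendering the parsed value equals what was submitted, which makes a simple regression check for each field.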
=========
Solution
=========
-
====================
Disclosure Timeline
====================
05-May-2012 - vendor informed
05-May-2012 - vendor feedback
========
Credits
========
Vulnerabilities found and advisory written by Stefan Schurtz.
===========
References
===========
http://www.darksecurity.de/advisories/2012/SSCHADV2012-012.txt
http://www.babygekko.com/forum/index.php/topic,349.0.html
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5086.php
http://secunia.com/advisories/49023/
http://www.exploit-db.com/exploits/18827/