|
Feeds -
Exploits
|
|
Written by Justin C. Klein Keane
|
|
Friday, 20 March 2009 23:08 |
Pixie CMS SQL Injection and Cross Site Scripting Vulnerabilities
-\\Bugtraq ID:
34189
-\\Class:
Input Validation Error
-\\CVE:
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Mar 20 2009 12:00AM
-\\Updated:
Mar 20 2009 04:36PM
-\\Credit:
Justin C. Klein Keane
-\\Vulnerable:
Scott Evans Pixie CMS 0
-\\Discussion
Pixie CMS is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because
it fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials,
compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying
database.
-\\Exploit(s)/PoC(s):
An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the
attacker must entice an unsuspecting victim to follow a malicious URI.
The following example URI is available:
http://www.example.com/pixie/?s=blog&m=permalink&x="onLoad="location.href='http://www.example2.com'
The following example 'Referer' header value is available:
Referer: http://www.example.com/pixie/?s=about',log_id=1 on
-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are
aware of more recent information, please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
-\\References(s)
--Pixie CMS Homepage
http://www.getpixie.co.uk (Scott Evans)
|
