RuubikCMS 1.1.1 suffers from Stored XSS vulnerability too, when parsing user input to the 'name' parameter via POST method through '/ruubikcms/ruubikcms/cms/index.php'.
Attackers can exploit these weaknesses to execute arbitrary HTML and script code
in a user's browser session.
I have tested it on Chrome , Internet Explorer and Firefox browsers and it works Well !!
Stored XSS Vulnerable URL's
http://127.0.0.1/ruubikcms/ruubikcms/cms/index.php
[vulnerable : name]
http://127.0.0.1/ruubikcms/ruubikcms/cms/extranet.php?p=member-area
[vulnerable : name]
http://127.0.0.1/ruubikcms/ruubikcms/cms/sitesetup.php
[Vulnerable : name , siteroot]
http://127.0.0.1/ruubikcms/ruubikcms/cms/users.php?role=5&p=test
[Vulnerable : firstname , lastname]
Simple Payload:
p@yl0ad : "><script>alert('h@cK3d by eXpl0i13r')</script>
Vulnerability POC's:
Not much to explain as its very simple vulnerability...!!
EDB-ID: 25996
No comments:
Post a Comment