XSS Vulnerability in Pixelpost Photoblog
Summary
- Vulnerability
- XSS Vulnerability in Pixelpost Photoblog
- Discovered
- 2006.01.21
- Last Update
- 0 n/a
- ID
- EV0045
- CVE
- CVE-2006-0409
- Risk Level
- medium
- Type
- Cross Site Scripting
- Status
- Unpatched
- Vendor
- n/a
- Vulnerable Software
- Pixelpost Photoblog (http://www.pixelpost.org/)
- Version
- 1.4.3
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Cross Site Scripting found in Pixelpost Photoblog (http://www.pixelpost.org/) script.
Vulnerable script: index.php
Most of user-defined variables isn't properly sanitized. This can be used to post arbitrary html or script code. This code will be executed when administrator will open "comments" menu in admin CP.
Cookie-based authentication is threatened.
Administrator has an ability to upload arbitrary files.
System access is possible.
PoC/Exploit
Link: http://host/pixelpost/index.php?popup=comment&showimage=1
Add Comment: <XSS>
Solution.
Solution for "XSS Vulnerability in Pixelpost Photoblog" is not available. Check vendor's website for updates.