Summary
This host is running mooSocial and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary HTML or script code in a user's browser session and obtain potentially sensitive information to execute arbitrary local scripts in the context of the webserver.
Impact Level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
Multiple flaws are due to,
- Input passed via HTTP GET request is used in '$path' variable is not properly validating '../'(dot dot) sequences with null byte (%00) at the end.
- Input passed via 'onerror' and 'onmouseover' parameters are not properly sanitised before being returned to the user.
Affected
mooSocial version 1.3, other versions may also be affected.
Detection
Send a crafted data via HTTP GET request and check whether it is able to read the cookie or not.
References
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Advanced Guestbook Index.PHP SQL Injection Vulnerability
- AlienVault OSSIM Multiple Remote Code Execution Vulnerabilities
- Artmedic Kleinanzeigen File Inclusion Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- b2ePMS Multiple SQL Injection Vulnerabilities