325
phpCMS prior 1.2.1pl1 parser.php cross site scripting
CGI
2005/01/09
Marc Ruef
marc.ruef at computec.ch
http://www.computec.ch
computec.ch
1.0
tcp
80
open|send /parser/parser.php?file=atk HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *atk*
98
The NASL script is Copyright (C) 2004 David Maciejak
Cyrille Barthelemy
cb-publicbox at ifrance.com
Cross Site Scripting
The remote host runs phpCMS, a content management system written in PHP. This version is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in the parser.php script. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server.
Upgrade to version 1.2.1pl1 or newer.
Approx. 30 minutes
Yes
http://www.securityfocus.com/bid/11765/exploit/
Yes
Yes
Medium
6
8
7
7
Medium
Nessus can check this flaw with the plugin 15850 (phpCMS XSS).
11765
15850
Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
http://www.computec.ch