e107 submitnews.php XSS

medium Nessus Plugin ID 43099

Synopsis

A PHP script on the remote web server is affected by a cross-site scripting vulnerability.

Description

The version of e107 on the remote host is affected by a cross-site scripting vulnerability because the 'submitnews.php' script fails to properly sanitize user-supplied input. A remote attacker can exploit this by tricking a user into making a specially crafted POST request.

There are reportedly several other cross-site scripting and SQL injection vulnerabilities in this version of e107, though Nessus has not checked for them.

Solution

There is no known solution at this time.

See Also

https://seclists.org/bugtraq/2009/Nov/152

Plugin Details

Severity: Medium

ID: 43099

File Name: e107_submitnews_xss.nasl

Version: 1.16

Type: remote

Published: 12/10/2009

Updated: 6/5/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:e107:e107

Required KB Items: www/e107

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 11/22/2009

Reference Information

CVE: CVE-2009-4083

BID: 37087

CWE: 79