Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
HTML Injection Vulnerability in IPCop Proxy Log Viewer - exploit.company
header-logo
Suggest Exploit
vendor:
IPCop
by:
Not available
7.5
CVSS
HIGH
HTML Injection
79
CWE
Product Name: IPCop
Affected Version From: 1.4.2001
Affected Version To: 1.4.2001
Patch Exists: NO
Related CWE: Not available
CPE: a:ipcop:ipcop:1.4.1
Metasploit:
Other Scripts:
Platforms Tested:
2005

HTML Injection Vulnerability in IPCop Proxy Log Viewer

IPCop is susceptible to an HTML injection vulnerability in its proxy log viewer. This allows remote attackers to inject malicious HTML or script code, which is displayed to administrative users and executed in the context of the affected web application. Attackers may be able to execute administrative actions on behalf of the administrator and perform theft of authentication credentials and other attacks.

Mitigation:

Update to a patched version of IPCop. No further mitigation is available.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11779/info

IPCop is reported susceptible to an HTML injection vulnerability in its proxy log viewer. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated web pages.

This vulnerability allows remote, attacker-supplied malicious HTML or script code to be displayed to administrative users. This code would be executed in the context of the affected Web application. It is conjectured that it may be possible for attackers to cause administrative actions to be executed on their behalf when an administrator views the Squid logs. Theft of cookie-based authentication credentials and other attacks are also likely.

Version 1.4.1 of IPCop is reportedly vulnerable. Other versions may also be affected.

GET /<script>alert('XSS_PoC')</script> HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: example.com
Connection: Close

Navigation

Suggest Exploit

Services By CQR