Vendor: Douran Portal
By:
CVSS: 7.5 (HIGH)
CWE: Arbitrary File Upload, Cross-site Scripting
Product Name: Douran Portal
Affected Version From: 3.9.7.55
Affected Version To: 3.9.7.55
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Arbitrary File Upload and Cross-site Scripting Vulnerabilities in Douran Portal

The Douran Portal application fails to properly sanitize user-supplied input, leading to an arbitrary file upload vulnerability and a cross-site scripting vulnerability. Attackers can exploit these vulnerabilities to upload and execute arbitrary ASP code, steal authentication information, execute client-side scripts, and obtain sensitive information.

Mitigation:

Validate and sanitize all user-supplied input, and restrict the file types that may be uploaded, to prevent arbitrary file uploads and cross-site scripting attacks. Update to the latest version of Douran Portal to ensure that these vulnerabilities are patched.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/44594/info

Douran Portal is prone to an arbitrary-file-upload vulnerability and a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.

Attackers can exploit these issues to upload and execute arbitrary ASP code in the context of the webserver process, steal cookie-based authentication information, execute arbitrary client-side scripts in the context of the browser, and obtain sensitive information. Other attacks are also possible.

Douran Portal versions 3.9.7.55 and prior are vulnerable.

http://www.example.com/DesktopModules/Gallery/OrderForm.aspx?itemtitle=<script>alert('ITSecTeam')</script>