vendor:
JMD-CMS
by:
Abysssec Inc
7,5
CVSS
HIGH
Upload arbitrary file with FCKEditor and Persistent XSS
79 (Cross-site Scripting)
CWE
Product Name: JMD-CMS
Affected Version From: JMD-CMS Alpha 3.0.0.9
Affected Version To: JMD-CMS Alpha 3.0.0.9
Patch Exists: NO
Related CWE: N/A
CPE: a:jmdcms:jmd-cms
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2019
JMD-CMS Multiple Remote Vulnerabilities
JMD-CMS Alpha 3.0.0.9 have Multiple Valnerabilities: 1- Upload arbitrary file with FCKEditor and 2- Persistent XSS. With the first vulnerability, an attacker can upload any file with the link http://localhost/jmdcms/FCKeditor/editor/fckeditor.html or http://localhost/jmdcms/FCKeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=connectors/aspx/connector.aspx and the files will be stored in http://localhost/UserFiles/Image/. The second vulnerability is a persistent XSS vulnerability in the Caption field of the page http://localhost/jmdcms/addPage.aspx?Parent_Page=default, which is accessible for Admin.
Mitigation:
The vendor should replace the vulnerable code with a secure one that does not allow malicious input to be processed.
