Pulse Pro 1.4.3 Persistent XSS Vulnerability

vendor:

Pulse Pro

by:

Th3 RDX

7,5

CVSS

HIGH

Persistent XSS

CWE

Product Name: Pulse Pro

Affected Version From: 1.4.3

Affected Version To: 1.4.3

Patch Exists: NO

Related CWE: N/A

CPE: a:pulsecms:pulse_pro:1.4.3

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Demo Site

2010

Pulse Pro 1.4.3 Persistent XSS Vulnerability

Pulse Pro 1.4.3 is vulnerable to a persistent XSS vulnerability. An attacker can inject a malicious XSS payload into the 'Edit Profile' page of the application. After logging out and logging in again, the XSS payload will be executed.

Mitigation:

Input validation should be used to prevent XSS attacks. Sanitize user input and encode output to prevent XSS attacks.

Source

Exploit-DB raw data:

# Exploit Title: Pulse Pro 1.4.3 Persistent XSS Vulnerability
# Date: 24-10-2010
# Author: Th3 RDX
# Software Link: http://pulsecms.com/
# Version:  1.4.3
# Tested on: Demo Site
# category: webapp
# Code : n/a
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Br0wn Sug4r,
Sid3^effects, L0rd CruSad3r,
         Sonic , r0073r(inj3ct0r.com)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
<3 Love: -[SiLeNtp0is0n]-, stRaNgEr(lucky), inX_rOot, NEO H4cK3R,
DarkL00k, G00g!3 W@rr!0r,
                  str1k3r, co0Lt04d , ATUL DWIVEDI , Jackh4xor
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
                                  INDIAN CYBER ARMY
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

##############################################################################
%//

----- [ Founder ] -----

        Th3 RDX

----- [ E - mail ] -----

    th3rdx@gmail.com


                                                        %\\
##############################################################################

##############################################################################
%//

----- [Title] -----

Pulse Pro 1.4.3 Persistent xss Vulnerability

----- [ Vendor ] -----

http://pulsecms.com/
                                                        %\\
##############################################################################

##############################################################################
%//

----- [ Bug (s) ] -----

----- [ Persistent XSS ] -----

Proof of Concepts:
------------------

Step 1) Login into member or User Section

Link: http://pulsecms/demo/login.php

Step 2) Go to Blog [Manage Blog]

-[XSS Bug present in following]-

=> New Blog Post

-[XSS Code]-

=> '"--><script>alert(0x000872)</script>

Step 3) Enter your Attack Pattern to title of blog post or source

Step 4) Refresh and View your blog post on index page or post link.

Note:L The XSS Also remains in admin panel

                                                    %\\
##############################################################################

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=> PROUD TO BE AN INDIAN | Anythning for INDIA | JAI-HIND | Maa Tujhe Salam

=> c0d3 for motherland, h4ck for motherland

==> i'm worst than a useless <==
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.

Bug discovered : 24 October 2010

finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#End 0Day#