CVE-2014-4135 – phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

phpwind_xss1

 

CVE-2014-4135 – phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

 

Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities

Product: phpwind

Vendor: phpwind

Vulnerable Versions: v8.7

Tested Version: v8.7

Advisory Publication: May 25, 2015

Latest Update: May 25, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: CVE-2014-4135

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized modification

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

 

Caution Details:

 

(1) Vendor & Product Description:

Vendor:

phpwind

 

Product & Vulnerable Versions:

phpwind

v8.7

 

Vendor URL & Download:

Product can be obtained from here,

http://www.phpwind.net/thread/166

 

Product Introduction Overview:

“phpwind (abbreviation: pw) is a program based on PHP and MySQL open source community, and is one of the most popular general-Forum. phpwind ofstar first version was released in 2004. As of December 2013 phpwind brand items calculated by Ali cloud Co., Ltd. has, fully free open source software. Now accumulated more than one million websites use phpwind products, of which nearly 100,000 active website. Since the 2011 release PHPWind8.x series version, phpwind enhance community around the content value and promote community e-commerce two general direction of the development of multi-mode single-core products and achieve new forms of community. 2012 preparations for the release of phpwind9.0 will use self-developed Windframework phpwind framework and integrated computing architecture and so on Ali community cloud platform application center will provide a variety of solutions for future communities.

Today, the country’s 200,000 worth of small sites, there are nearly 100,000 community site uses phpwind, has accumulated more than one million sites use phpwind, there are 1,000 new sites every day use phpwind. These community sites covering 52 types of trades every day one million people gathered in phpwind build community, issued 50 million new information, visit more than one billion pages.

National Day PV30 million or more in 1000 about a large community, there are more than 500 sites selected phpwind station software provided, including by scouring link Amoy satisfaction, a daily e-commerce and marketing groups, and other on-line product vigorously increase in revenue for the site. Excellent partners, such as Xiamen fish, of Long Lane, Erquan network, Kunshan forum, the North Sea 360, Huizhou West Lake, Huashang like.”

 

 

 

(2) Vulnerability Details:

phpwind web application has a computer cyber security bug problem. It can be exploited by XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.

Several other similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. phpwind has patched some of them. CXSECurity is a huge collection of information on data communications safety. Its main objective is to inform about errors in various applications. It also publishes suggestions, advisories, solutions details related to XSS vulnerabilities and cyber intelligence recommendations.

 

(2.1) The first programming code flaw occurs at “&url” parameter in “/goto.php?” page.

 

 

 

 

 

References:
http://www.tetraph.com/security/xss-vulnerability/phpwind-v8-7-xss/
http://www.inzeed.com/kaleidoscope/computer-security/phpwind-v8-7-xss/
https://webtechwire.wordpress.com/2015/05/24/phpwind-v8-7-xss/
http://securityrelated.blogspot.com/2015/05/phpwind-v87-xss.html
https://www.facebook.com/permalink.php?story_fbid=939922519396264&id=874373602617823
https://itswift.wordpress.com/2015/05/24/phpwind-v8-7-xss/
https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01904.html
http://whitehatpost.blog.163.com/blog/static/24223205420154248491580/
http://cxsecurity.com/issue/WLB-2015040033
http://seclists.org/fulldisclosure/2015/Apr/38

 

Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

Bug2-300x224

 
Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

 

Exploit Title: Feed2JS v1.7 magpie_debug.php? &url parameter XSS Security Vulnerabilities

Product: Feed2JS

Vendor: feed2js.org

Vulnerable Versions: v1.7

Tested Version: v1.7

Advisory Publication: May 09, 2015

Latest Update: May 09, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

 

Proposition Details:

 

(1) Vendor & Product Description:

Vendor:

feed2js.org

 

Product & Vulnerable Versions:

Feed2JS

v1.7

 

Vendor URL & Download:

Feed2JS can be downloaded from here,

https://feed2js.org/index.php?s=download

 

Source code:

http://www.gnu.org/licenses/gpl.html

 

Product Introduction Overview:

“What is “Feed to JavaScript? An RSS Feed is a dynamically generated summary (in XML format) of information or news published on other web sites- so when the published RSS changes, your web site will be automatically changed too. It is a rather simple technology that allows you, the humble web page designer, to have this content displayed in your own web page, without having to know a lick about XML! Think of it as a box you define on your web page that is able to update itself, whenever the source of the information changes, your web page does too, without you having to do a single thing to it. This Feed2JS web site (new and improved!) provides you a free service that can do all the hard work for you– in 3 easy steps:

Find the RSS source, the web address for the feed.

Use our simple tool to build the JavaScript command that will display it

Optionally style it up to look pretty.

Please keep in mind that feeds are cached on our site for 60 minutes, so if you add content to your RSS feed, the updates will take at least an hour to appear in any other web site using Feed2JS to display that feed. To run these scripts, you need a web server capable of running PHP which is rather widely available (and free). You will need to FTP files to your server, perhaps change permissions, and make some basic edits to configure it for your system. I give you the code, getting it to work is on your shoulders. I will try to help, but cannot always promise answers.”

 

 

 

(2) Vulnerability Details:

Feed2JS web application has a computer security bug problem. It can be exploited by stored XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.

Several other Feed2JS products 0-day vulnerabilities have been found by some other bug hunter researchers before. Feed2JS has patched some of them. “Openwall software releases and other related files are also available from the Openwall file archive and its mirrors. You are encouraged to use the mirrors, but be sure to verify the signatures on software you download. The more experienced users and software developers may use our CVSweb server to browse through the source code for most pieces of Openwall software along with revision history information for each source file. We publish articles, make presentations, and offer professional services.” Openwall has published suggestions, advisories, solutions details related to XSS vulnerabilities.

 

(2.1) The first programming code flaw occurs at “&url” parameter in “magpie_debug.php?” page.

 

 

 

 

References:

http://www.tetraph.com/security/xss-vulnerability/feed2js-v1-7-xss/

http://securityrelated.blogspot.com/2015/05/feed2js-v17-xss-cross-site-scripting.html

http://www.inzeed.com/kaleidoscope/computer-web-security/feed2js-v1-7-xss/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/feed2js-v1-7-xss/

https://vulnerabilitypost.wordpress.com/2015/05/08/feed2js-v1-7-xss/

http://whitehatpost.blog.163.com/blog/static/24223205420154810359682/

https://progressive-comp.com/?l=full-disclosure&m=142907534026807&w=2

https://www.bugscan.net/#!/x/21291

http://bluereader.org/article/27452996

http://lists.openwall.net/full-disclosure/2015/04/15/4

 

Artnana Webboard version 1.4 XSS (Cross-site Scripting) Web Security Vulnerabilities

Algerian-hacker

Artnana Webboard version 1.4 XSS (Cross-site Scripting) Web Security Vulnerabilities

Exploit Title: Artnana Webboard version 1.4 Multiple XSS Security Vulnerabilities

Product: Webboard

Vendor: Artnana

Vulnerable Versions: version 1.4

Tested Version: version 1.4

Advisory Publication: May 09, 2015

Latest Update: May 09, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Proposition Details:

(1) Vendor & Product Description:

Vendor:

Artnana

Product & Vulnerable Versions:

Webboard

version 1.4

Vendor URL & Download:

Webboard can be obtained from here,

http://www.artnana.com/web-d.php

Product Introduction Overview:

“Webboard is Thailand IT company that provide software service. Webboard can make your website easier and convenience. WebBoard is a discussion board where you post messages and participate in discussions with the other people in the course.”

(2) Vulnerability Details:

Artnana Webboard web application has a computer security bug problem. It can be exploited by stored XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.

Several other Artnana products 0-day vulnerabilities have been found by some other bug hunter researchers before. Artnana has patched some of them. FusionVM® Vulnerability Management and Compliance provides sources for the latest info-sec news, tools, and advisories. It has published suggestions, advisories, solutions details related to XSS vulnerabilities.

(2.1) The first programming code flaw occurs at “&keyword” parameter in “search_topic.php?” page.

(2.2) The second programming code flaw occurs at “&keyword” parameter in “search_products.php” page.

References:

http://www.tetraph.com/security/xss-vulnerability/artnana-webboard-version-1-4-xss/

http://securityrelated.blogspot.com/2015/05/artnana-webboard-version-14-xss-cross.html

http://www.inzeed.com/kaleidoscope/computer-web-security/artnana-webboard-version-1-4-xss/

https://vulnerabilitypost.wordpress.com/2015/05/08/artnana-webboard-version-1-4-xss/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/artnana-webboard-version-1-4-xss/

http://whitehatpost.blog.163.com/blog/static/24223205420154895051990/#

https://progressive-comp.com/?a=139222176300014&r=1&w=1​

https://www.fusionvm.com/FusionVM/DesktopModules/SecurityAdvisories/SecurityAdvisoriesView.aspx?Alias=www.fusionvm&TabId=0&Lang=en-US&OU=0&ItemId=44831

https://www.bugscan.net/#!/x/21221

http://bluereader.org/article/30765597

MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities

18hyfk3t3yfo7jpg

MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities

Exploit Title: MT.VERNON MEDIA Web-Design v1.12 “gallery.php?” &category parameter HTML Injection Security Vulnerabilities

Product: Web-Design v1.12

Vendor: MT.VERNON MEDIA

Vulnerable Versions: v1.12

Tested Version: v1.12

Advisory Publication: May 08, 2015

Latest Update: May 08, 2015

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Proposition Details:

(1) Vendor & Product Description:

Vendor:

MT.VERNON MEDIA

Product & Vulnerable Versions:

Web-Design

v1.12

Vendor URL & Download:

MT.VERNON MEDIA can be obtained from here,

http://www.mtvernonmedia.com/services/WebDesign.html

Google Dork:

“developed by: Mt. Vernon Media”

Product Introduction Overview:

“In today’s economy every business is more focused on ROI (Return On Investment) than ever before. We’ll help you ensure a solid ROI for your website, not only making it effective and easy to use for your clients, but helping you to drive traffic to your site and ensuring effective content and design to turn traffic into solid leads, sales, or repeat customers. We offer custom design and development services tailored to your needs and specifications drawn up jointly with you to ensure that the appropriate technology is leveraged for optimum results, creating a dynamic and effective design, based on market effectiveness and user-friendly design standards. Our developers are experts in web application development using various programming languages including Perl, SQL, C, C+, and many other back-end programming languages, as well as database integration. For a view of some of your past projects, take a look at our list of clients. We handle custom development of your Internet project from conception through publication:

Internet & Intranet sites

Design concepts, layouts, and specifications

Intuitive Graphical User Interface (GUI) design

Dynamic navigation design

Creation and manipulation of graphical design elements

GIF Animation

Flash development

HTML hand-coding and debugging

JavaScript for interactivity and error-checking

ASP (Active Server Pages)

Customized Perl CGI scripts (mailing lists, form submission, etc)

Customized application development in varied programming languages

Site publication and promotion

On-going updating and maintenance

Banner ads”

(2) Vulnerability Details:

MT.VERNON MEDIA web application has a computer security bug problem. It can be exploited by stored HTML Injection attacks. Hypertext Markup Language (HTML) injection, also sometimes referred to as virtual defacement, is an attack on a user made possible by an injection vulnerability in a web application. When an application does not properly handle user supplied data, an attacker can supply valid HTML, typically via a parameter value, and inject their own content into the page. This attack is typically used in conjunction with some form of social engineering, as the attack is exploiting a code-based vulnerability and a user’s trust.

Several other MT.VERNON MEDIA products 0-day vulnerabilities have been found by some other bug hunter researchers before. MT.VERNON MEDIA has patched some of them. BugScan is the first community-based scanner, experienced five code refactoring. It has redefined the concept of the scanner provides sources for the latest info-sec news, tools, and advisories. It also publishs suggestions, advisories, solutions details related to HTML vulnerabilities.

(2.1) The first programming code flaw occurs at “&category” parameter in “gallery.php?” page.

References:

http://www.tetraph.com/security/html-injection/mt-vernon-media-web-design-v1-12-html-injection/

http://securityrelated.blogspot.com/2015/05/mtvernon-media-web-design-v112-html.html

http://www.inzeed.com/kaleidoscope/computer-web-security/mt-vernon-media-web-design-v1-12-html-injection/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/mt-vernon-media-web-design-v1-12-html-injection/

https://vulnerabilitypost.wordpress.com/2015/05/08/mt-vernon-media-web-design-v1-12-html-injection/

http://whitehatpost.blog.163.com/blog/static/24223205420154893850881/

https://progressive-comp.com/?l=full-disclosure&m=142907520526783&w=2

https://www.bugscan.net/#!/x/21454

http://seclists.org/fulldisclosure/2015/Apr/37

http://lists.openwall.net/full-disclosure/2015/04/15/3

MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities

2013-Predictions-Computer-Security-Threats-Cyber-Warfare

MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities



Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Security Vulnerabilities

Product: Web-Design

Vendor: MT.VERNON MEDIA

Vulnerable Versions: v1.12

Tested Version: v1.12

Advisory Publication: May 08, 2015

Latest Update: May 08, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

Credit: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)




Proposition Details:



(1) Vendor & Product Description:



Vendor:

MT.VERNON MEDIA



Product & Vulnerable Versions:

Web-Design

v1.12



Vendor URL & Download:

MT.VERNON MEDIA can be obtained from here,

http://www.mtvernonmedia.com/services/WebDesign.html


Google Dork:

“developed by: Mt. Vernon Media”




Product Introduction Overview:

“In today’s economy every business is more focused on ROI (Return On Investment) than ever before. We’ll help you ensure a solid ROI for your website, not only making it effective and easy to use for your clients, but helping you to drive traffic to your site and ensuring effective content and design to turn traffic into solid leads, sales, or repeat customers. We offer custom design and development services tailored to your needs and specifications drawn up jointly with you to ensure that the appropriate technology is leveraged for optimum results, creating a dynamic and effective design, based on market effectiveness and user-friendly design standards. Our developers are experts in web application development using various programming languages including Perl, SQL, C, C+, and many other back-end programming languages, as well as database integration. For a view of some of your past projects, take a look at our list of clients. We handle custom development of your Internet project from conception through publication:

Internet & Intranet sites

Design concepts, layouts, and specifications

Intuitive Graphical User Interface (GUI) design

Dynamic navigation design

Creation and manipulation of graphical design elements

GIF Animation

Flash development

HTML hand-coding and debugging

JavaScript for interactivity and error-checking

ASP (Active Server Pages)

Customized Perl CGI scripts (mailing lists, form submission, etc)

Customized application development in varied programming languages

Site publication and promotion

On-going updating and maintenance

Banner ads”





(2) Vulnerability Details:

MT.VERNON MEDIA web application has a computer security bug problem. It can be exploited by stored XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.


Several other MT.VERNON MEDIA products 0-day vulnerabilities have been found by some other bug hunter researchers before. MT.VERNON MEDIA has patched some of them. “Openwall software releases and other related files are also available from the Openwall file archive and its mirrors. You are encouraged to use the mirrors, but be sure to verify the signatures on software you download. The more experienced users and software developers may use our CVSweb server to browse through the source code for most pieces of Openwall software along with revision history information for each source file. We publish articles, make presentations, and offer professional services.” Openwall has published suggestions, advisories, solutions details related to SQL Injection vulnerabilities.



(2.1) The first programming code flaw occurs at “section.php?” page with “&id” parameter.


(2.2) The second programming code flaw occurs at “illustrated_verse.php?” page with “&id” parameter.


(2.3) The third programming code flaw occurs at “image.php?” page with “&id” parameter.







References:

http://www.tetraph.com/security/sql-injection-vulnerability/mt-vernon-media-web-design-v1-12-multiple-sql-injection/

http://securityrelated.blogspot.com/2015/05/mtvernon-media-web-design-v112-multiple_8.html

http://www.inzeed.com/kaleidoscope/computer-web-security/mt-vernon-media-web-design-v1-12-multiple-sql-injection/

https://progressive-comp.com/?a=139222176300014&r=1&w=1​

http://whitehatpost.blog.163.com/blog/static/242232054201548925221/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/mt-vernon-media-web-design-v1-12-multiple-sql-injection/

https://www.fusionvm.com/FusionVM/DesktopModules/SecurityAdvisories/SecurityAdvisoriesView.aspx?Alias=www.fusionvm&TabId=0&Lang=en-US&OU=0&ItemId=44951

https://www.bugscan.net/#!/x/21160

http://bluereader.org/article/27452998

MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities

94a8e4618b0ff7ae4be4284cd2963fdc

MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities

Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple XSS Security Vulnerabilities

Product: Web-Design

Vendor: MT.VERNON MEDIA

Vulnerable Versions: v1.12

Tested Version: v1.12

Advisory Publication: May 07, 2015

Latest Update: May 07, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Recommendation Details:

(1) Vendor & Product Description:

Vendor:

MT.VERNON MEDIA

Product & Vulnerable Versions:

Web-Design

v1.12

Vendor URL & Download:

MT.VERNON MEDIA can be obtained from here,

http://www.mtvernonmedia.com/services/WebDesign.html

Google Dork:

“developed by: Mt. Vernon Media”

Product Introduction Overview:

“In today’s economy every business is more focused on ROI (Return On Investment) than ever before. We’ll help you ensure a solid ROI for your website, not only making it effective and easy to use for your clients, but helping you to drive traffic to your site and ensuring effective content and design to turn traffic into solid leads, sales, or repeat customers. We offer custom design and development services tailored to your needs and specifications drawn up jointly with you to ensure that the appropriate technology is leveraged for optimum results, creating a dynamic and effective design, based on market effectiveness and user-friendly design standards. Our developers are experts in web application development using various programming languages including Perl, SQL, C, C+, and many other back-end programming languages, as well as database integration. For a view of some of your past projects, take a look at our list of clients. We handle custom development of your Internet project from conception through publication:

Internet & Intranet sites

Design concepts, layouts, and specifications

Intuitive Graphical User Interface (GUI) design

Dynamic navigation design

Creation and manipulation of graphical design elements

GIF Animation

Flash development

HTML hand-coding and debugging

JavaScript for interactivity and error-checking

ASP (Active Server Pages)

Customized Perl CGI scripts (mailing lists, form submission, etc)

Customized application development in varied programming languages

Site publication and promotion

On-going updating and maintenance

Banner ads”

(2) Vulnerability Details:

MT.VERNON MEDIA Web-Design web application has a computer security bug problem. It can be exploited by stored XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.

Several other MT.VERNON MEDIA products 0-day vulnerabilities have been found by some other bug hunter researchers before. MT.VERNON MEDIA has patched some of them. BugScan is the first community-based scanner, experienced five code refactoring. It has redefined the concept of the scanner provides sources for the latest info-sec news, tools, and advisories. It also publishs suggestions, advisories, solutions details related to XSS vulnerabilities.

(2.1) The first programming code flaw occurs at “section.php?” page with “&id” parameter.

(2.2) The second programming code flaw occurs at “illustrated_verse.php?” page with “&id” parameter.

(2.3) The third programming code flaw occurs at “image.php?” page with “&id” parameter.

(2.4) The forth programming code flaw occurs at “gallery.php?” page with “&np” parameter.

References:

http://www.tetraph.com/security/xss-vulnerability/mt-vernon-media-web-design-v1-12-multiple-xss/

http://securityrelated.blogspot.sg/2015/05/mtvernon-media-web-design-v112-multiple.html

http://www.inzeed.com/kaleidoscope/computer-web-security/mt-vernon-media-web-design-v1-12-multiple-xss/

https://vulnerabilitypost.wordpress.com/2015/05/08/mt-vernon-media-web-design-v1-12-multiple-xss/

http://whitehatpost.blog.163.com/blog/static/24223205420154885036469

https://progressive-comp.com/?a=139222176300014&r=1&w=1​

https://www.fusionvm.com/FusionVM/DesktopModules/SecurityAdvisories/SecurityAdvisoriesView.aspx?Alias=www.fusionvm&TabId=0&Lang=en-US&OU=0&ItemId=44832

https://www.bugscan.net/#!/x/21289

http://bluereader.org/article/30765596

CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability

Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter XSS
Product: SoftBB (mods)
Vendor: Softbb.net
Vulnerable Versions: v0.1.3
Tested Version: v0.1.3
Advisory Publication: Jan 10, 2015
Latest Update: Jan 10, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9561
CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Credit: Wang Jing [Mathematics, Nanyang Technological University (NTU), Singapore]

Advisory Details:
Vendor URL:
(2) Vulnerability Details:
Softbb.net SoftBB can be exploited by XSS Attacks.
(2.1) The vulnerability occurs at “/redir_last_post_list.php” page, with “&post” parameter.

References: