Webfolio CMS versions 1.1.4 and below suffer from multiple cross site scripting vulnerabilities.
93f6b868f021feffc6c34fae1946370d4c0b5076b89e10d2dac090857f503a57
+--------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title : WebfolioCMS <= 1.1.4 Multiple XSS
# Date : 07-03-2012
# Author : Ivano Binetti (http://www.ivanobinetti.com)
# Software link : http://sourceforge.net/projects/webfolio-cms/files/WebfolioCMS-1.1.4.zip/download
# Vendor site : http://webfolio-cms.sourceforge.net/
# Version : 1.1.4 and lower
# Tested on : Debian Squeeze (6.0)
# Original Advisory: http://ivanobinetti.blogspot.com/2012/03/webfolio-114-multiple-xss.html
+--------------------------------------------------------------------------------------------------------------------------------+
+------------------------------------------[CSRF Vulnerabilities by Ivano Binetti]-----------------------------------------------+
Summary
1)Introduction
2)Vulnerabilities Description
3)POC
+--------------------------------------------------------------------------------------------------------------------------------+
1)Introduction
Webfolio CMS "is a free, open-source, customized content management system, whose main purpose is creation of web sites for
presenting someone's work, and portfolio-like websites".
2)Vulnerabilities Description
WebfolioCMS 1.1.4 (and lower) is prone to multiple XSS vulnerabilities in "webfolio/admin/users/edit/<used_id>" pages
- where <used_id> = 1....n - due to an improper input sanitization.
3)POC
To exploit "First name" and "Last name" fields:
<script>alert(document.cookie)</script>
To exploit "Email (required)" field:
email@email.com"><script>alert(document.cookie)</script>
+--------------------------------------------------------------------------------------------------------------------------------+