CVE-2010-4868
published 2011-10-05CVE-2010-4868: Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.47%
70.6th percentile
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| w-agora | w-agora | <= 4.2.1 | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
| w-agora | w-agora | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting
exploitdb·2010-10-22
CVE-2010-4868 W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting
W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/44370/info
w-Agora is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the context of the webserver process. Information harvested may aid in further attacks.
The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
w-Agora 4.2.1 and prior are vulnerable.
ht
Exploit-DB
Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit)
exploitdb·2010-07-03
CVE-2006-4868 Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit)
Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit)
---
##
# $Id: ms06_055_vml_method.rb 9669 2010-07-03 03:13:45Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Internet Explorer VML Fill Method Code Execution',
'Description' => %q{
This module exploits a code execution vulnerability in Microsoft Internet Explorer using
a buffer overflow in the VML processing code (VGX.dll). This module has been tested on
Windows 2000 SP4, Windows XP SP0, and Windows XP SP2.
},
'License' => MSF_LICENSE,
'Author'
No writeups or analysis indexed.
http://packetstormsecurity.org/1010-exploits/wagora-lfixss.txthttp://securityreason.com/securityalert/8426http://www.securityfocus.com/archive/1/514420/100/0/threadedhttp://www.securityfocus.com/bid/44370http://packetstormsecurity.org/1010-exploits/wagora-lfixss.txthttp://securityreason.com/securityalert/8426http://www.securityfocus.com/archive/1/514420/100/0/threadedhttp://www.securityfocus.com/bid/44370
2011-10-05
Published