← Advisories

Monstra 1.2.1 Multiple HTML Injection Vulnerabilities

Medium
Advisory ID
ZSL-2012-5101
Release Date
23 August 2012
Vendor
MONSTRA.ORG - http://www.monstra.org
Affected Version
1.2.1
CVE
N/A
Tested On
Microsoft Windows 7 Ultimate SP1 (EN), Apache 2.4.2 (Win32), PHP 5.4.4, MySQL 5.5.25a
Summary

Monstra is fast and small content management system written in PHP! It's free, open source and easy to use from the start!

Description

Monstra suffers from multiple stored XSS vulnerabilities when parsing user input to the 'menu_item_link', 'menu_item_name' and 'page_title' parameters via POST method thru 'index.php' script. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, and influence or misrepresent how Web content is served, cached, or interpreted.

Proof of Concept
monstra_xss.htmlTXT
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://packetstormsecurity.org/files/115821
[2]http://cxsecurity.com/issue/WLB-2012080209
[3]http://secunia.com/advisories/50374/
[4]http://www.securityfocus.com/bid/55171
[5]http://www.securelist.com/en/advisories/50374
[6]http://forums.cnet.com/7726-6132_102-5350871.html
[7]http://www.osvdb.org/show/osvdb/84839
[8]http://xforce.iss.net/xforce/xfdb/77953
Changelog
23.08.2012Initial release
24.08.2012Added reference [4], [5] and [6]
25.08.2012Added reference [7]
26.08.2012Added reference [8]