-----------------------------
Details:
This is Cross-Site Scripting vulnerability.
This XSS is similar to XSS vulnerability in WP-Cumulus and other web
applications which I already reported to security mailing lists, because
it's using tagcloud.swf made by author of WP-Cumulus. About millions of
flash files tagcloud.swf which are vulnerable to XSS attacks I mentioned in
my article XSS vulnerabilities in 34 millions flash files
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00035.html).
-----------------------------
Details:
This is Cross-Site Scripting vulnerability.
This XSS is similar to XSS vulnerability in WP-Cumulus and other web
applications which I already reported to security mailing lists, because
it's using tagcloud.swf made by author of WP-Cumulus. About millions of
flash files tagcloud.swf which are vulnerable to XSS attacks I mentioned in
my article XSS vulnerabilities in 34 millions flash files
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00035.html).
-----------------------------
Details:
These are Cross-Site Scripting and Full path disclosure vulnerabilities.
This XSS is similar to XSS vulnerability in WP-Cumulus and other web
applications which I already reported to security mailing lists, because
it's using tagcloud.swf made by author of WP-Cumulus. About millions of
flash files tagcloud.swf which are vulnerable to XSS attacks I mentioned in
my article XSS vulnerabilities in 34 millions flash files
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00035.html).
-----------------------------
Details:
This is Cross-Site Scripting vulnerability.
This XSS is similar to XSS vulnerability in WP-Cumulus and other web
applications which I already reported to security mailing lists, because
it's using tagcloud.swf made by author of WP-Cumulus. About millions of
flash files tagcloud.swf which are vulnerable to XSS attacks I mentioned in
my article XSS vulnerabilities in 34 millions flash files
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00035.html).
Hello Bugtraq!
I want to warn you about Cross-Site Scripting vulnerability in Joomulus
(mod_joomulus) plugin for Joomla. Which I found at 23.12.2009.
It is similar to XSS vulnerability in WP-Cumulus
(http://websecurity.com.ua/3665/), because it's using tagcloud.swf made by
author of WP-Cumulus. About millions of flash files tagcloud.swf which are
vulnerable to XSS attacks I mentioned in my article XSS vulnerabilities in 8
millions flash files (http://websecurity.com.ua/3789/).
-----------------------------
Details:
This is Cross-Site Scripting vulnerability.
This XSS is similar to XSS vulnerability in WP-Cumulus and other web
applications which I already reported to security mailing lists, because
it's using tagcloud.swf made by author of WP-Cumulus. About millions of
flash files tagcloud.swf which are vulnerable to XSS attacks I mentioned in
my article XSS vulnerabilities in 34 millions flash files
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00035.html).
This is Cross-Site Scripting vulnerability. Which I found in Flash Tag Cloud
control for ASP.NET (http://flashtagcloud.codeplex.com) on web sites with
Blogsa engine, but any ASP-sites with Flash Tag Cloud control and other
ASP.NET engines with this widget can be vulnerable.
This XSS is similar to XSS vulnerability in WP-Cumulus and other web
applications which I already reported to security mailing lists, because
it's using tagcloud.swf made by author of WP-Cumulus. About millions of
flash files tagcloud.swf which are vulnerable to XSS attacks I mentioned in
my article XSS vulnerabilities in 34 millions flash files
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00035.html).
Yes, still the same. Same holes in different web application. As it clearly
stated in my advisory.
With this vulnerabilities in one script which is using (the script itself or
its code) in multiple webapps, which makes them vulnerable, I used the same
approach as with vulnerabilities in WP-Cumulus. And I already reported to
security mailing lists about vulnerabilities in WP-Cumulus and in other web
applications which are using tagcloud.swf in the end of 2009 and in 2010.
So why not you, nor other readers of the list are asking the question (aka
moaning) about the same vulnerabilities in these webapps - which all are
Hello Bugtraq!
I want to warn you about security vulnerabilities in plugin WP-Cumulus for
WordPress.
These are Full path disclosure and Cross-Site Scripting vulnerabilities.
Full path disclosure:
http://site/wp-content/plugins/wp-cumulus/wp-cumulus.php
of flashes tagcloud.swf in Internet which are potentially vulnerable to XSS
attacks. Taking into account that people mostly didn't draw attention in
previous article to my mentioning about another 34 millions of vulnerable
flashes, then I decided to write another article about it.
File tagcloud.swf was developed by author of plugin WP-Cumulus for WordPress
(http://websecurity.com.ua/3665/) and it's delivered with this plugin for
WordPress, and also with other plugins, particularly Joomulus
(http://websecurity.com.ua/3801/) and JVClouds3D
(http://websecurity.com.ua/3839/) for Joomla and Blogumus
(http://websecurity.com.ua/3843/) for Blogger. Taking into account
http://site/modules/mod_jvclouds3D/jvclouds3D/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E
Code will execute after click. It's strictly social XSS.
Also it's possible to conduct (like in WP-Cumulus and Joomulus) HTML
Injection attack, including in those flash files which have protection (in
flash files or via WAF) against javascript and vbscript URI in parameter
tagcloud.
HTML Injection:
