bug or security issue

Please report bugs and any annoyances here. Kindly include all possible details: steps to reproduce, expected result, actual result, screenshots, ... etc.
riko01
Posts: 8
Joined: 2020-06-22 19:24

Post by riko01 » 2021-01-30 08:01

I don't understand security holes. I found
https://www.exploit-db.com/exploits/47725.

Is this a bug or a security issue?

Please reproduce the following steps.

1. http://localhost/admin/pageEditGroup.php?groupID=1

2. Edit the description with this payload:
><h1><IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>123</h1>


https://ibb.co/Z8FfSsG

https://ibb.co/y020KhV

jsetzer
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany

Re: bug or security issue

Post by jsetzer » 2021-01-30 09:48

Thanks a lot for this hint, which was posted in 2019.

I have briefly tested with the current AppGini Northwind Demo based on version 5.94: I was not able to edit the group description by using that link.

I am not willing to guarantee anything security-related, but I remember there were quite a lot of security updates in the last two years.

I am going to check this for my older projects and update them to 5.94. Maybe others can also verify/falsify and report back.

Once again thank you!
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

riko01
Posts: 8
Joined: 2020-06-22 19:24

Re: bug or security issue

Post by riko01 » 2021-01-30 10:28

https://pastebin.com/TaKWiAY3

Please copy and paste it into the description box area. I think it's a security issue.
I am using AppGini version 5.94.

jsetzer
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany

Re: bug or security issue

Post by jsetzer » 2021-01-30 10:50

Well, I'm not a security expert nor a hacker. This is just the result of a very first test of mine.

As mentioned before, I cannot access the URL mentioned in that vulnerability report without being logged in to a 5.94 app.

http://bigprof.com/demo/admin/pageEditG ... ?groupID=1

Can you enter the edit page for groups? I cannot. I get to the home page instead.

So, if I cannot access that page, I cannot paste any risky content into the (non-existent) description field.

Don't know if someone can POST (inject) an offending payload into a page he/she cannot access. Security experts should investigate and report back.

Hopefully that vulnerability has already been closed by one of the last AppGini updates!
Kind regards,
<js />

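One way to check whether a stored value such as the group description from the first post is HTML-encoded on output, as an added example that is not part of the thread or AppGini's own code. `render_raw` and `render_encoded` are hypothetical stand-ins for the page template; the check reports markup that becomes live only once the value is stored.

```python
from collections import Counter
from html import escape
from html.parser import HTMLParser

# Payload quoted in the first post of this thread.
PAYLOAD = '><h1><IFRAME SRC=# onmouseover="alert(document.cookie)"></IFRAME>123</h1>'


class ActiveMarkupFinder(HTMLParser):
    """Collects tags a browser would treat as live: frames, scripts and
    any element carrying an on* event-handler attribute."""
    RISKY_TAGS = {"script", "iframe", "object", "embed"}

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names for us.
        handlers = tuple(name for name, _ in attrs if name.startswith("on"))
        if tag in self.RISKY_TAGS or handlers:
            self.findings.append((tag, handlers))


def active_markup(page_html):
    finder = ActiveMarkupFinder()
    finder.feed(page_html)
    finder.close()
    return finder.findings


def render_raw(description):
    # Hypothetical template that echoes the stored value unchanged.
    return '<td class="description">' + description + "</td>"


def render_encoded(description):
    # Same hypothetical template with output encoding applied.
    return '<td class="description">' + escape(description, quote=True) + "</td>"


def injected_markup(render, value):
    """Live elements present only when `value` is the stored description."""
    baseline = Counter(active_markup(render("plain text")))
    with_value = Counter(active_markup(render(value)))
    return sorted((with_value - baseline).elements())


if __name__ == "__main__":
    print("raw template:    ", injected_markup(render_raw, PAYLOAD))
    print("encoded template:", injected_markup(render_encoded, PAYLOAD))
```

An empty result for the encoded template means the stored text is displayed as text; any entry in the result means the field is rendered as markup for whoever views the page.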
