CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) Web Application Cyber Security Zero Day Bug
Exploit Title: goYWP WebPress Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
Product: WebPress
Vendor: goYWP
Vulnerable Versions: 13.00.06
Tested Version: 13.00.06
Advisory Publication: December 09, 2014
Latest Update: January 01, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-8751
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification
Discoverer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)
Advisory Details:
(1) Vendor & Product Description:
Vendor:
goYWP
Product & Vulnerable Versions:
WebPress
13.00.06
Vendor URL & Download:
Product can be obtained from here,
http://www.goywp.com/view/cms
http://www.goywp.com/demo.php
Google Dork:
Powered by goYWP.com
Product Introduction:
“WebPress is the foundation on which we build web sites. It’s our unique Content Management System (CMS), flexible enough for us to build your dream site, and easy enough for you to maintain it yourself.”
(2) Vulnerability Details:
The WebPress web application is vulnerable to reflected XSS. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.
Several 0-day vulnerabilities in other, similar products have been found by other bug researchers before. WebPress has patched some of them. "scip AG was founded in 2002. We are driven by innovation, sustainability, transparency, and enjoyment of our work. We are completely self-funded and are thus in the comfortable position to provide completely independent and neutral services. Our staff consists of highly specialized experts who focus on the topic information security and continuously further their expertise through advanced training".
(2.1) The first security code flaw occurs at the “/search.php” page with the “&search_param” parameter in HTTP GET.
(2.2) The second security code flaw occurs at the “/forms.php” (form submission) page with the “&name”, “&address” and “&comment” parameters in HTTP POST.
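One way to echo the parameters named in (2.1) and (2.2) safely, as an added example that is not goYWP's code and not part of the original advisory. The helper names (`param`, `e`, `render_search`, `render_form_echo`), the page markup and the length limits are hypothetical, and the mbstring extension is assumed:

```php
<?php
declare(strict_types=1);
// Hypothetical handlers, not WebPress source; only the endpoint and
// parameter names come from the advisory. Requires the mbstring extension.

/** Read one parameter as a bounded UTF-8 string; arrays (name[]=x) are rejected. */
function param(array $src, string $key, int $max = 200): string
{
    $v = $src[$key] ?? '';
    if (!is_string($v) || !mb_check_encoding($v, 'UTF-8')) {
        return '';
    }
    return mb_substr(trim($v), 0, $max, 'UTF-8');
}

/** Encode for HTML text nodes and quoted attribute values. */
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** /search.php: the GET value lands in an attribute and in body text. */
function render_search(array $get): string
{
    $q = param($get, 'search_param');
    return '<form action="/search.php" method="get">'
         . '<input type="text" name="search_param" value="' . e($q) . '">'
         . '</form><p>Results for: ' . e($q) . '</p>';
}

/** /forms.php: every POST field echoed back is encoded, then line breaks restored. */
function render_form_echo(array $post): string
{
    $out = '<dl>';
    foreach (['name' => 200, 'address' => 500, 'comment' => 2000] as $field => $max) {
        $out .= '<dt>' . e($field) . '</dt><dd>'
              . nl2br(e(param($post, $field, $max))) . '</dd>';
    }
    return $out . '</dl>';
}

if (PHP_SAPI !== 'cli') {
    // Defense in depth: inline script is refused even if an encoding call is missed.
    header("Content-Security-Policy: default-src 'self'; script-src 'self'");
}
// Constructed sample input: markup characters come back as entities, not tags.
echo render_search(['search_param' => '"><b>x</b>']), "\n";
echo render_form_echo(['name' => 'A <i>B</i>', 'address' => ['x'], 'comment' => "l1\nl2"]), "\n";
```

The encoding in `e()` covers HTML text and quoted attributes only; a value placed inside a script block, a URL or an unquoted attribute needs the encoder for that context instead.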
References:
http://www.scap.org.cn/CVE-2014-8751.html
http://computerobsess.blogspot.com/2014/12/cve-2014-8751-goywp-webpress-multiple.html
https://computertechhut.wordpress.com/2014/12/29/cve-2014-8751