CVE-2007-2801
eTicket 1.5.5 and 1.5.5.1 - Cross-Site Scripting via err and warn Parameters
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-2801. PoCs published by Jesper Jurcenoks.
AI-analyzed exploit summary
The provided text describes a cross-site scripting (XSS) vulnerability in eTicket versions 1.5.5 and 1.5.5.1, where user-supplied input is not properly sanitized in the 'err' and 'warn' parameters of the open.php file. It includes example URLs demonstrating the vulnerability but does not contain executable exploit code.
Description
Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) err and (2) warn parameters. NOTE: the vendor disputes the significance of the issue, stating that "eTicket is not designed to work with register_globals On."