[VIM] TRUE: Open Translation Engine (OTE) 0.7.8 RFI (+ XSS)

Heinbockel, Bill heinbockel at mitre.org
Mon May 7 15:48:49 UTC 2007

MILW0RM: 3838

In the OTE 0.7.8 package:

File dev/skin/header.php (line 11):
	include($ote_home . '/skins/css.php');

Additionally, there appear to be some XSS issues
later on (lines 13-17):
	?><title><? echo $title ?></title>
	</head><body><form><table border="0" cellpadding="0" cellspacing="0" class="head
	<td width="60" class="header_reverse"><a href="<? echo $web_url . '/'; ?>"><b>OTE</b></a></td>
	<td class="header_small"><?  echo $title ?></td>

As you can see, the title and web_url parameters are neither defined
nor passed through htmlspecialchars() or similar.

William Heinbockel
Infosec Engineer, Sr.
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org
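Editor's added example (not code from the OTE project or from the post above): a hardened rewrite of the two patterns quoted from dev/skin/header.php. The include is only remotely exploitable if $ote_home can be set from the request (register_globals on, or some other unvalidated assignment) and the PHP build allows URL includes; neither condition is stated in the post, so both are assumptions here. The constant name OTE_HOME, the helper names ote_include_skin() and ote_h(), and the fallback values for $title and $web_url are likewise invented for illustration.

```php
<?php
// Added example; not OTE's own code. Hardened form of the header.php
// include and output lines quoted in the advisory above.
// Assumptions: OTE_HOME, ote_include_skin() and ote_h() are names chosen
// here; $title and $web_url are set by the script that includes this file.

// --- vulnerable shape, as quoted ---
//   include($ote_home . '/skins/css.php');
//   ?><title><? echo $title ?></title>
// If $ote_home is request-controlled (e.g. ?ote_home=http://attacker/ with
// register_globals) and URL includes are allowed, the first line fetches and
// executes remote PHP; the second line echoes $title into HTML unescaped.

// --- hardened shape ---
// The skin base directory is fixed at install time, never taken from input.
if (!defined('OTE_HOME')) {
    define('OTE_HOME', dirname(dirname(__FILE__)));
}

// Include a skin file by bare name only; reject paths, URLs and traversal.
function ote_include_skin($file)
{
    if (!preg_match('/^[A-Za-z0-9_-]+\.php$/', $file)) {
        throw new InvalidArgumentException("bad skin file name: $file");
    }
    $skins = realpath(OTE_HOME . '/skins');
    $real  = realpath(OTE_HOME . '/skins/' . $file);
    // realpath() resolves symlinks and '..'; require the result to stay
    // inside the skins directory.
    if ($skins === false || $real === false
        || strpos($real, $skins . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException("skin file outside skins dir: $file");
    }
    include $real;
}

// Escape for an HTML text node or a double-quoted attribute value.
function ote_h($s)
{
    return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8');
}

// Defaults so undefined globals cannot be filled in by the request.
$title   = isset($title)   ? $title   : 'OTE';
$web_url = isset($web_url) ? $web_url : '';

ote_include_skin('css.php');
?>
<title><?php echo ote_h($title); ?></title>
</head><body><form><table border="0" cellpadding="0" cellspacing="0">
<td width="60" class="header_reverse"><a href="<?php echo ote_h($web_url . '/'); ?>"><b>OTE</b></a></td>
<td class="header_small"><?php echo ote_h($title); ?></td>
```

The include fix does two independent things: it removes the request as a source for the base path, and it verifies the resolved path with realpath() so that even a bad value reaching ote_include_skin() cannot escape the skins directory. The output fix applies the same escaping in both contexts shown in the post (text node and href attribute); ENT_QUOTES matters for the attribute case, since the default htmlspecialchars() flags leave single quotes untouched.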
