VIR Vulnerability Intelligence Relay

CVE-2012-1005

medium
Published 2012-02-07 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
5.3

Description

Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote attackers to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-18451 webapps windows verified text ยท 2 KB
SecPod Research ยท 2012-02-02

Sphinix Mobile Web Server 3.1.2.47 - Multiple Persistent Cross-Site Scripting Vulnerabilities

text exploit Source: Exploit-DB 
##############################################################################
#
# Title    : Sphinix Mobile Web Server Multiple Persistent XSS Vulnerabilities
# Author   : Prabhu S Angadi SecPod Technologies (www.secpod.com)
# Vendor   : http://www.sphinx-soft.com/MWS/index.html
# Advisory : http://secpod.org/blog/?p=453
#            http://secpod.org/advisories/SecPod_SPHINX_SOFT_Mobile_Web_Server_Mul_Persistence_XSS_Vulns.txt
# Software : Mobile Web Server U3 3.1.2.47
# Date     : 01/08/2012
#
###############################################################################

SecPod ID: 1027					23/08/2011 Issue Discovered
                                                20/01/2012 Vendor Notified
						No Response
						01/02/2012 Advisory Released


Class: Cross-Site Scripting (Persistent)        Severity: Medium


Overview:
---------
Sphinx Software Mobile Web Server is prone to multiple persistent Cross Site
Scripting vulnerabilities.


Technical Description:
----------------------
Input passed via the 'comment' to 1)/Blog/MyFirstBlog.txt,
2)/Blog/AboutSomething.txt pages are not properly verified, which allows remote
attackers to inject arbitrary script code.


Impact:
--------
Successful exploitation could allow remote attackers to execute malicious
scripts and steal sensitive data.


Affected Software:
------------------
Mobile Web Server U3 3.1.2.47


Tested on:
-----------
Mobile Web Server U3 3.1.2.47 on Windows XP SP2.


References:
-----------
http://secpod.org/blog/?p=453


Proof of Concept:
----------------
1) /Blog/MyFirstBlog.txt?comment=<script>alert(1234)</script>&submit=Add+Comment


2) /Blog/AboutSomething.txt?comment=<script>alert(1234)</script>&submit=Add+Comment


Vendor URL:
----------------
http://www.sphinx-soft.com/MWS/index.html


Solution:
----------
Not available


Risk Factor:
-------------
    CVSS Score Report:
        ACCESS_VECTOR          = NETWORK
        ACCESS_COMPLEXITY      = LOW
        AUTHENTICATION         = NOT_REQUIRED
        CONFIDENTIALITY_IMPACT = PARTIAL
        INTEGRITY_IMPACT       = PARTIAL
        AVAILABILITY_IMPACT    = NONE
        EXPLOITABILITY         = PROOF_OF_CONCEPT
        REMEDIATION_LEVEL      = UNAVAILABLE
        REPORT_CONFIDENCE      = CONFIRMED
        CVSS Base Score        = 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)

Credits:
--------
Prabhu S Angadi of SecPod Technologies has been credited with the discovery of this
vulnerability.

Application impact
VendorProductVersionsFixed
sphinx-softmobile_web_server3.1.2.47

References

CWEs

CWE-79

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.