I would like to warn you about security vulnerabilities in the WP-Cumulus plugin for
WordPress.
These are Full Path Disclosure and Cross-Site Scripting (XSS) vulnerabilities.
XSS is a web-application vulnerability that
allows attackers to bypass the client-side security mechanisms normally
imposed on web content by modern web browsers.
By finding ways of injecting malicious scripts into web pages, an
attacker can gain elevated access privileges to sensitive page content,
session cookies, and a variety of other information maintained by the
browser on behalf of the user.
Full path disclosure:
http://site/wp-content/plugins/wp-cumulus/wp-cumulus.php
XSS:
http://site/wp-content/plugins/wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E
The code executes only after the victim clicks the link, so this is strictly a social-engineering XSS. There are a lot of vulnerable tagcloud.swf files on the Internet (according to Google):
http://www.google.com.au/search?q=filetype:swf+inurl:tagcloud.swf
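As an added defensive example (not part of the original advisory), the Python below reads constructed web-server access-log lines, decodes the tagcloud parameter of requests to tagcloud.swf, parses it as XML and flags any link whose href is not an absolute http(s) URL; the same allow-list check is what a server-side wrapper should apply to tag data before handing it to the Flash file. The log format, IP addresses and timestamps are assumed sample values.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlsplit

SAFE_SCHEMES = {"http", "https"}  # javascript:, data:, vbscript: and relative hrefs all fail
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')

# Constructed sample access-log lines (combined format, RFC 5737 test addresses):
# the first carries the advisory's payload, the second a benign tag cloud.
LOG_LINES = [
    "203.0.113.5 - - [10/Oct/2009:13:55:36 +0000] \"GET /wp-content/plugins/"
    "wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:"
    "alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E"
    " HTTP/1.1\" 200 1432",
    "203.0.113.7 - - [10/Oct/2009:13:56:01 +0000] \"GET /wp-content/plugins/"
    "wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='http://"
    "example.com/tag/php'%3Ephp%3C/a%3E%3C/tags%3E HTTP/1.1\" 200 1432",
]

def tagcloud_xml_is_safe(xml_text: str) -> bool:
    """Allow-list check for the XML tagcloud.swf renders: the root must be <tags>,
    every child an <a>, and every href an absolute http(s) URL."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return False
    if root.tag != "tags":
        return False
    for child in root:
        if child.tag != "a":
            return False
        # strip() defeats leading whitespace, lower() defeats "JavaScript:"
        scheme = urlsplit(child.get("href", "").strip()).scheme.lower()
        if scheme not in SAFE_SCHEMES:
            return False
    return True

def find_tagcloud_injections(log_lines):
    """Return (client_ip, decoded_tagcloud) for tagcloud.swf requests that fail the check."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        url = urlsplit(match.group(1)) if match else None
        if url is None or not url.path.endswith("/tagcloud.swf"):
            continue
        # parse_qs percent-decodes and maps '+' to space, as the browser would
        for xml_text in parse_qs(url.query).get("tagcloud", []):
            if not tagcloud_xml_is_safe(xml_text):
                hits.append((line.split(" ", 1)[0], xml_text))
    return hits
```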
So to all Flash developers: I recommend that you attend to the security of your Flash files. And to the owners of sites with vulnerable Flash files like tagcloud.swf: fix them, or hand them over to your development team to fix.
Kind Regards,
Alfredo Cedeno
IT Security Analyst & Advisor
http://ajcborges.blogspot.com