| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 5 Aug 2005 14:15:31 -0000 From: zinho@...kerscenter.com To: bugtraq@...urityfocus.com Subject: [HSC Security Group] Multiple XSS in phpopenchat 3.0.2 Hackers Center Security Group (http://www.hackerscenter.com/) Zinho's Security Advisory Desc: Multiple XSS in phpopenchat 3.0.2 Risk: Medium to High "PHPOpenChat is a high performance php-based chat server software for a live chat-room or -module on every php-based site." 1. (permanent) XSS hole in profile.php and profile_misc.php "title" and "content" arguments passed with method POST are not sanitized and can generate a permanent XSS hole thus stealing cookie of anyone viewing the user profile page 2. (permanent) XSS hole due to the previous in userpage.php. A malicious user can manipulate the profile fields and the script will be executed in userpage.php 2. (permanent) XSS hole in mail.php Probably the most dangerous as it can be directed against a specified user knowing just his nickname. "subject", "body" and the other email parameters are not sanitized. 3. (temporary) XSS hole in invite.php "disinvited_chatter" and "invited_chatter" Vendor has been contacted some days ago but we got no reply so far. -- HSC Security Group Get your site audited for free and ay only if we find it vulnerable! http://www.hackerscenter.com/security Security researcher? Join us: mail me at zinho@...kerscenter.com
Powered by blists - more mailing lists