| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Nov 2005 02:54:42 -0800 (PST) From: alireza hassani <trueend5@...oo.com> To: bugtraq@...urityfocus.com Subject: VUBB XSS & path disclosure Vulnerabilities [KAPDA::#10] - VUBB XSS & path disclosure vulnerabilities KAPDA New advisory Vendor: http://www.vubb.com Version: vubb alpha rc1 Bug: XSS & path disclosure Exploitation: Remote with browser Discussion: -------------------- VuBB is a Free PHP/MySQL forum/bulletin board system. Vulnerability: -------------------- XSS: A remote user can create a specially crafted URL that, when loaded by a target user, will cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the VUBB software and will run in the security context of that site. PATH Disclosure: A remote user can supply a specially crafted URL to cause the system to display an error message that discloses the installation path and other data. Demonstration URL : -------------------- http://www.example.com/forum/index.php?act=newreply&t='>%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E&f=6 http://www.example.com/forum/index.php?act=viewforum&f=' Solution: -------------------- There is no vendor-supplied patch for this issue at this time. More Detail: -------------------- original advisory: http://irannetjob.com/content/view/152/28/ Credit : -------------------- Discovered & released by trueend5 (trueend5 kapda ir) Security Science Researchers Institute Of Iran [KAPDA.ir] __________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com
Powered by blists - more mailing lists