[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060612050054.1801.qmail@securityfocus.com>
Date: 12 Jun 2006 05:00:54 -0000
From: luny@...fucktard.com
To: bugtraq@...urityfocus.com
Subject: Wireclub.com - XSS & cookie disclosure
Wireclub.com
Homepage:
http://www.wireclub.com
Effected files:
input boxes of editing a profile
XSS Vuln with no filter evasion at all:
<IMG SRC=javascript:alert('XSS')>
We notice that when trying to put a url in the Open line about yourself input box, we get the msg "no urls allowed" as well as "the field cannot contain profanity (since i'm using youfucktard), One way to bypass this msg is change the whole url to decimal value. or just parts of it; ie: http:// or the ending of it, as well as part of the word "fuck"
PoC:
http://youfucktard.com
Screenshots:
http://www.youfucktard.com/xsp/wire1.jpg
http://www.youfucktard.com/xsp/wire2.jpg
http://www.youfucktard.com/xsp/wire3.jpg
XSS Vuln in same edit box, this time writing the cookie on screen:
[img src="javascript:document.write(document.cookie)"]
Screenshots:
http://www.youfucktard.com/xsp/wire4.jpg
http://www.youfucktard.com/xsp/wire5.jpg
Powered by blists - more mailing lists