| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1f9bad3a0805121241u2b5d085fha1676a672e28c4e2@mail.gmail.com>
Date: Mon, 12 May 2008 20:41:35 +0100
From: SmOk3 <smok3f00@...il.com>
To: bugs@...uritytracker.com, bugtraq@...urityfocus.com, admin@...e-h.org,
submit@...w0rm.com, vuldb@...urityfocus.com, vuln@...unia.com,
full-disclosure@...ts.grok.org.uk
Subject: XSS flaws in Omerta script
original advisory at http://www.davidsopas.com/soapbox/omerta_xss.txt
XSS flaws in Omerta script (www.barafranca.com)
version tested: 2.7c and 2.8(newer version)
by David Sopas Ferreira
<smok3f00 at gmail.com>
<www.davidsopas.com>
Found and reported at : 5-05-2008PT
Full disclosure at : 12-05-2008PT
?!---------------------------------------------------------
XSS
----!?
On this online RPG, it's possible for a malicious user
use XSS (Cross Site Scripting) attacks to steal users cookies
and possibly their account.
The files affected by this are:
msg.php, unfiltred var=nick
view-topic.php, unfiltred var=page
donate.php, unfiltred var=nation
Attack example here:
msg.php?nick=ValidUser%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
forums/view-topic.php?id=3830&page=2%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
donate.php?nation=PT%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
?!---------------------------------------------------------
How to fix it
-------------!?
Edit the source code to ensure that input is properly sanitised.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists