ftls.org Guestbook 1.1 Script Injection
From: BrainRawt . (brainrawt@hotmail.com)
Date: 01/25/03
- Previous message: Kevin Lindsay: "Re: [USG- SA- 2003.001] USG Security Advisory (slocate)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "BrainRawt ." <brainrawt@hotmail.com> To: bugtraq@securityfocus.com Date: Sat, 25 Jan 2003 01:14:34 +0000
ftls.org Guestbook 1.1 Script Injection Vulnerabilities
Discovered By BrainRawt (brainrawt@hotmail.com)
About MyGuestbook:
------------------
Your basic guestbook that can be downloaded at
http://www.ftls.org/en/examples/cgi/Guestbook.shtml#s1.
Vulnerable (tested) Versions:
--------------------
guestbook v 1.1
Vendor Contact:
----------------
9-27-02 - Emailed webmaster@ftls.org
12-15-02 - Emailed tyndiuk@ftls.org
Vulnerability:
----------------
guestbook.cgi inproperly filters user input making the guestbook
vulnerable to script injection.
Exploit (POC):
----------------
When filling in ones name use:
<script>alert('your_name_field_vuln_to_injection')</script>
When filling in the Title use:
<script>alert('title_field_vuln_to_injection')</script>
When filling in the Comment use:
<script>alert('comments_field_vuln')</script>
---------------------------------------------------------------------
Which looks better? Blackhat or White? You Decide! - BrainRawt
_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
- Next message: Umit Tiric: "Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!"
- Previous message: Kevin Lindsay: "Re: [USG- SA- 2003.001] USG Security Advisory (slocate)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
