CGI-City's CCGuestBook Script Injection Vulns

From: BrainRawt . (brainrawt@hotmail.com)
Date: 03/29/03

    From: "BrainRawt ." <brainrawt@hotmail.com>
    To: bugtraq@securityfocus.com
    Date: Sat, 29 Mar 2003 18:47:04 +0000
    
    

    CGI-City's CCGuestBook Script Injection Vulnerabilities
    Discovered By BrainRawt (brainrawt@hotmail.com)

    About CCGuestBook:
    ------------------
    CC Guestbook is a simple guestbook program that is very easy
    to configure and install. It features a notification facility
    which sends an email alert to the guestbook owner whenever new
    entries are made. It may also be used as a post-it board to
    allow visitors to a web site to just post messages.

    CCGuestBook can be downloaded from the following address.

    http://www.icthus.net/CGI-City/scr_cgicity.shtml#CCGUEST

    Vendor Contact:
    ----------------
    1-30-03 Emailed cgicity@icthus.net

    No Response

    Vulnerability:
    ----------------
    cc_guestbook.pl does not filter user input, allowing script
    injection into the guestbook via the "name" and "webpage title"
    fields. The injected script is executed in the browser of anyone
    who visits the guestbook.

    Exploit (POC):
    ----------------
    <script>alert('obvious?')</script>
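    The missing step in the vulnerable script is output encoding. The Perl below is an added example, not code from CCGuestBook or its author: it HTML-encodes the visitor-controlled fields at the point they are written into the guestbook page, so the proof-of-concept above is rendered as text rather than run. The hash keys (name, webpage_title, webpage_url) and the render_entry routine are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Encode the five characters that let untrusted text break out of an
# HTML text node or a quoted attribute value. Ampersand goes first so
# already-escaped output is not double-encoded.
sub html_escape {
    my ($text) = @_;
    $text = '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# Escaping alone does not make a link target safe: a "javascript:" URL
# survives it intact. Only http and https targets are accepted here.
sub safe_url {
    my ($url) = @_;
    return '' unless defined $url && $url =~ m{\Ahttps?://}i;
    return html_escape($url);
}

# Build one guestbook entry. Each visitor-supplied value is escaped at
# the point it is inserted into markup. The hash keys are assumed; the
# real script's field names may differ.
sub render_entry {
    my ($entry) = @_;
    my $name  = html_escape($entry->{name});
    my $title = html_escape($entry->{webpage_title});
    my $url   = safe_url($entry->{webpage_url});
    return "<p><b>$name</b> - <a href=\"$url\">$title</a></p>\n";
}

# Constructed sample entry carrying the advisory's proof-of-concept
# payload in the "name" field and a quote in the "webpage title".
my $sample = {
    name          => "<script>alert('obvious?')</script>",
    webpage_title => "My \"Home\" Page",
    webpage_url   => "http://example.invalid/",
};
print render_entry($sample);
```

    The printed markup contains &lt;script&gt; rather than a live script tag, and the quote in the title appears as &quot;, so neither field can break out of the surrounding HTML.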


