Guestbook Pro XSS & HTML Injection

From: SoulBlack Group (soulblacktm_at_gmail.com)
Date: 05/11/05

    Date: Tue, 10 May 2005 21:36:58 -0300
    To: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com, news@securiteam.com, sec@soulblack.com.ar, bugs@securitytracker.com, submissions@packetstormsecurity.org, vuln@secunia.com, alerts_advisories@net-security.org
    
    

    ============================================================

    ============================================================
    Title: Guestbook PRO
    Vulnerability discovery: SoulBlack - Security Research -
    http://soulblack.com.ar
    Date: 10/05/2005
    Severity: Medium (website defacement)
    Affected version: <= v3.2.1
    Vendor: PixySoft
    ============================================================

    ============================================================

    * Summary *

    Guestbook PRO is an advanced guestbook for WebApp.

    ------------------------------------------------------------------------------------------------------------------------

    * Problem Description *

    A vulnerability exists in the content and title of a message: the characters
    entered are not filtered, so HTML code can be injected.

    ------------------------------------------------------------------------------------------------------------------------

    * Example *

    Type the following into the title or content of a message:

    <script>alert(document.cookie)</script>

    <iframe src=http://othersite/sb.php>

    ------------------------------------------------------------------------------------------------------------------------

    * Fix *

    Contact the Vendor.

    ------------------------------------------------------------------------------------------------------------------------

    * References *

    http://www.soulblack.com.ar/repo/papers/guesbookpro_advisory.txt

    ------------------------------------------------------------------------------------------------------------------------

    * Credits *

    Vulnerability reported by SoulBlack Security Research

    ============================================================

    --
    SoulBlack - Security Research
    http://www.soulblack.com.ar
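The defect the advisory describes (user text copied into the page without output encoding) and the fix a vendor would apply, as an added example that is not part of the original advisory and not Guestbook PRO's own code; the entry templates, field names and sample submissions are assumptions constructed for illustration, and the two markup strings are the ones listed under Example above:

```python
import html
import re

# Constructed sample submissions: one benign, two carrying the markup from the advisory.
SAMPLE_ENTRIES = [
    {"title": "Hello", "body": "Nice site!"},
    {"title": "<script>alert(document.cookie)</script>", "body": "x"},
    {"title": "hi", "body": "<iframe src=http://othersite/sb.php>"},
]

# Hypothetical entry template; these are the only tags the page itself should emit.
ENTRY_TEMPLATE = "<div class=entry><h3>%s</h3><p>%s</p></div>"
TEMPLATE_TAGS = {"div", "h3", "p"}


def render_entry_vulnerable(entry):
    """Mirror of the reported flaw: title and body are concatenated into HTML as-is."""
    return ENTRY_TEMPLATE % (entry["title"], entry["body"])


def render_entry_fixed(entry):
    """Output-encode every user-supplied field before it reaches the HTML body.

    quote=True also encodes " and ', so the text is safe inside attribute values too.
    """
    return ENTRY_TEMPLATE % (
        html.escape(entry["title"], quote=True),
        html.escape(entry["body"], quote=True),
    )


# Matches the name of every opening or closing tag in a fragment of HTML.
TAG_NAME_RE = re.compile(r"</?\s*([a-zA-Z][a-zA-Z0-9]*)")


def injected_tags(rendered):
    """Return the set of tag names present that the template did not put there.

    An empty set means no user-supplied markup survived rendering; this is the
    check a maintainer can run over stored entries to confirm the fix.
    """
    found = {name.lower() for name in TAG_NAME_RE.findall(rendered)}
    return found - TEMPLATE_TAGS


if __name__ == "__main__":
    for entry in SAMPLE_ENTRIES:
        print("vulnerable:", injected_tags(render_entry_vulnerable(entry)),
              "fixed:", injected_tags(render_entry_fixed(entry)))
```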
    
