[26111] in bugtraq
RE: XSS Hole in Fluid Dynamics Search engine
daemon@ATHENA.MIT.EDU (Zoltan Milosevic)
Wed Jul 10 18:38:15 2002
From: "Zoltan Milosevic" <zoltanm@xav.com>
To: <valdeux@aol.com>, <contact@securitybugware.org>,
<bugtraq@securityfocus.com>
Date: Wed, 10 Jul 2002 10:16:11 -0700
Message-ID: <00fb01c22835$7d5f23c0$d09ce10c@c152048a>
In-Reply-To: <200207101439.g6AEdbQ02829@localhost.localdomain>
Hello,
Thanks for this bug report.
I have released an updated version which includes a fix (FDSE version
2.0.0.0055). For the folks at securitybugware.org and
securityfocus.com, would you please include a mention of this update if
you issue a report.
Thanks,
Zoltan Milosevic
(360) 944-8387
Fluid Dynamics Search Engine
http://www.xav.com/scripts/search/
-----Original Message-----
From: valdeux [mailto:valdeux@aol.com]
Sent: Wednesday, July 10, 2002 7:40 AM
To: scripts@nickname.net; contact@securitybugware.org;
bugtraq@securityfocus.com; valdeux@aol.com
Subject: XSS Hole in Fluid Dynamics Search engine
Name : FD Search Engine
Vendor : Fluid Dynamics - http://www.xav.com
Version : Probably all
Demo : http://www.xav.com/search.pl
Note : Sorry for my poor English ...
-------------------------------------
PROBLEM
For a multiple result pages search, the script uses the variable Rank,
which contains the current result number.
Anything could be written into it, including HTML tags.
EXAMPLE
http://www.xav.com/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&Rank=<br><h1>XSS</h1>
Note : it works because "test" returns several pages.
SOLUTION
None yet.
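
Added example, not part of either message and not the fix shipped in FDSE 2.0.0.0055 (that code is not shown in this thread): one way to handle a paging parameter such as Rank, accepting it only as a bounded integer and HTML-escaping every value echoed into the page. Python is used for illustration; int_param, render_pager and the numeric bounds are assumed names and values.

```python
import html
from urllib.parse import parse_qs, urlencode

MAX_RANK = 100_000   # assumed ceiling for a result offset
MAX_HITS = 100       # assumed ceiling for results per page


def int_param(raw, default, low, high):
    """Return raw as an int within [low, high], or default if it is anything else."""
    if raw is None or len(raw) > 9 or not (raw.isascii() and raw.isdigit()):
        return default
    value = int(raw)
    return value if low <= value <= high else default


def render_pager(query_string):
    """Build the paging fragment of a results page from the request's query string."""
    params = parse_qs(query_string, keep_blank_values=True)
    first = lambda name: params.get(name, [None])[0]
    rank = int_param(first("Rank"), 1, 1, MAX_RANK)
    hits = int_param(first("maxhits"), 10, 1, MAX_HITS)
    terms = first("Terms") or ""
    # Rebuild the link from validated values only; urlencode percent-encodes them.
    next_query = urlencode({"Terms": terms, "maxhits": hits, "Rank": rank + hits})
    # Escape at output time as well, so a missed validation cannot become markup.
    return '<p>Results {}-{} for "{}"</p><a href="search.pl?{}">Next</a>'.format(
        rank, rank + hits - 1, html.escape(terms), html.escape(next_query, quote=True))


# Constructed inputs: the query string from the report, and a normal second page.
REPORTED = "Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&Rank=<br><h1>XSS</h1>"
NORMAL = "Terms=test&maxhits=10&Rank=11"

if __name__ == "__main__":
    print(render_pager(REPORTED))
    print(render_pager(NORMAL))
```

With the reported query string, Rank falls back to 1 and the generated link carries Rank=11, so none of the submitted markup reaches the response.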