Bugtraq mailing list archives

Levcgi.com's MyGuestbook JavaScript Injection Vulnerability


From: "BrainRawt ." <brainrawt () hotmail com>
Date: Tue, 30 Apr 2002 21:45:25 +0000


 ___________    ____________    ____  __  ___    ______________
|\    ____  \  |\    ____   \  |\   \|\ \|\  \  |\_____    ____\
| \   \__|\  \ | \   \__|\   \ | \   \ \ \ \  \ | |   |\   \   |
\  \    ___   | \ \    ____   \ \ \   \_| \_|  \ \|___| \   \__|
 \  \   \_|\  \_ \ \   \__|\   \ \ \      _     \      \ \   \
  \  \   \\ \   \ \ \   \ \ \   \ \ \     |\ http://rawt.daemon.sh
   \  \___\\ \___\ \ \___\ \ \___\ \ \____| \_____\      \ \___\
    \ |   | \ |   | \ |   | \ |   | \ |   |\ |    |       \ |   |
     \|___|  \|___|  \|___|  \|___|  \|___| \|____|        \|___|


Levcgi.com's MyGuestbook JavaScript Injection Vulnerability
Discovered By BrainRawt (brainrawt () hotmail com)

About MyGuestbook:
------------------
Highly customizable guestbook that was released on Feb. 20, 2002, and
can be downloaded at http://www.levcgi.com/programs.cgi?program=myguestbook

According to the website, "...myGuestbook has been downloaded 1298 times!"

Vulnerable (tested) Versions:
-----------------------------
MyGuestbook v 1.0

Vendor Contact:
----------------
4-28-02 - Emailed lev () taintedthoughts com

4-30-02 - No reply from the author, and I have decided not to wait since I
          never got a reply about another concern I had several months ago
          involving one of his cgi scripts.

Vulnerability:
----------------
MyGuestbook improperly filters input to the guestbook, making the guestbook
prone to cross-site scripting attacks by malicious visitors to the site. This
could be a medium to high concern when mixed with a website that uses cookies.

Exploit (POC):
----------------
Sign up and post using the "name" <script>alert('evil+java+script+here')</script>

or

When posting comments, just insert the <script>alert('evil+java+script+here')</script>
into the comments field.


--------------------------------------------------------------------------
Knowledge is Power! How Powerful are you? - BrainRawt
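The root cause above is that guestbook fields are written into the page without
HTML encoding. The following is an added illustration, not code from MyGuestbook
or from the advisory's author: it is written in Python rather than the guestbook's
own CGI language, and it renders constructed sample entries (including the
payload quoted in the advisory) first with raw interpolation and then with
output encoding, plus a small audit helper that counts markup the user input
managed to introduce. Entry data, function names and the page template are all
assumptions made for the example.

```python
import html
import re

# Constructed sample guestbook entries (not real MyGuestbook data). The second
# entry uses the payload quoted in the advisory; the third uses a non-<script>
# vector to show that encoding, not tag blacklisting, is the right fix.
SAMPLE_ENTRIES = [
    {"name": "alice", "comment": "Nice site!"},
    {"name": "<script>alert('evil+java+script+here')</script>", "comment": "hi"},
    {"name": "bob", "comment": 'Check this: <img src=x onerror="alert(1)">'},
]

# Markup that the page template itself legitimately emits.
TEMPLATE_TAGS = ("<p>", "</p>", "<b>", "</b>")


def render_entry_vulnerable(entry):
    """Interpolates user-supplied fields straight into HTML.

    This mirrors the defect described in the advisory: whatever a visitor
    typed into "name" or the comment field is served back verbatim to every
    later visitor (stored cross-site scripting).
    """
    return "<p><b>%s</b> wrote: %s</p>" % (entry["name"], entry["comment"])


def render_entry_safe(entry):
    """HTML-encodes every user-supplied field at output time.

    html.escape with quote=True turns <, >, &, " and ' into entities, so the
    browser displays the text instead of parsing it as markup. Encoding on
    output also protects entries that were stored before the fix.
    """
    name = html.escape(entry["name"], quote=True)
    comment = html.escape(entry["comment"], quote=True)
    return "<p><b>%s</b> wrote: %s</p>" % (name, comment)


# Matches any HTML tag (opening, closing, or with attributes).
TAG_RE = re.compile(r"<[a-zA-Z/][^>]*>")


def injected_tags(rendered):
    """Returns tags in the rendered HTML that the template did not emit,
    i.e. markup that came from user input."""
    return [t for t in TAG_RE.findall(rendered) if t not in TEMPLATE_TAGS]


def audit(entries, renderer):
    """Counts user-introduced tags across all entries for a given renderer;
    a value above zero means the renderer is injectable."""
    return sum(len(injected_tags(renderer(e))) for e in entries)


if __name__ == "__main__":
    for entry in SAMPLE_ENTRIES:
        print("raw :", render_entry_vulnerable(entry))
        print("safe:", render_entry_safe(entry))
    print("injected tags, vulnerable renderer:", audit(SAMPLE_ENTRIES, render_entry_vulnerable))
    print("injected tags, safe renderer      :", audit(SAMPLE_ENTRIES, render_entry_safe))
```

The audit helper is only a regression check for this example; in a real
deployment the fix is the encoding step in render_entry_safe, applied to every
user-controlled field on output, since stripping "<script>" alone would leave
attribute-based vectors such as the third sample entry intact.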




