Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Boardhost.com - XSS

From: luny () youfucktard com
Date: 15 Jun 2006 22:04:41 -0000
Boardhost.com 

Description:

Free Msgboard hosting service.

Homepage:
http://www.Boardhost.com

Affected files
Input boxes of posting a message
Searching for a listing board

-------------------------------------------------

XSS vuln with cookie disclosure when posting a msg (Tested on boardhost.com's test msg board and a members board):

Boardhost doesn't properly filter user input before generating it. For PoC (Works on members with free account) try 
putting:

<IMG SRC="javascript:alert('XSS');">

Now, to bypass the filters for Members with paying accounts, its pretty easy. You'll notice they have paying accounts 
if their boards let you post links and images 

with your post. For a PoC there, in the Message:, or links input boxes just put http:// before your javascript.

http://<IMG SRC="javascript:alert('XSS');">

Screenshots:
http://www.youfucktard.com/xsp/boardhost1.jpg
http://www.youfucktard.com/xsp/boardhost2.jpg
http://www.youfucktard.com/xsp/boardhost3.jpg
http://www.youfucktard.com/xsp/boardhost4.jpg
Previous By Date Next
Previous By Thread Next

Current thread: