Bugtraq mailing list archives

CuteGuestbook XSS attack


From: omnipresent () email it
Date: 4 May 2006 15:09:38 -0000

------------------------------------------------------------------
          - Cute Guestbook Remote XSS Exploit -
   -= http://colander.altervista.org/advisory/CuteGuestbook.txt =-
------------------------------------------------------------------

                        -= Cute Guestbook =-



Omnipresent
May 04, 2006


Vunerability(s):
----------------
XSS Exploit


Product:
--------
Cute Guestbook

Vendor:
--------
http://www.scriptsez.net/index.php?action=detail&id=1086399301


Description of product:
-----------------------

PHP based guestbook requires no configuration and no database. Features: Bad words filter, number of messages per page, 
total messages to keep in record, emoticons with comments and much more.

Platform(s):    linux, windows
Date Added:     Jun 5, 2004
Last Updated:   Feb 11, 2006
Author:         Scriptsez Inc.


Vulnerability / Exploit:
------------------------

The applications Cute Guestbook is vulnerable to an XSS (Cross-Site Scripting) Attack.

PoC / Proof of Concept:
-----------------------

An attacker can go to this URL:

http://www.victim_host/[path]/guestbook.php?action=sign

or

http://www.victim_host/[path]/guestbook.php

and then click on:

Click here to sign our Guestbook

Then insert in the field Name the Nick and in the field Comments put XSS like:
<script>alert("You are vulnerabile to XSS")</script>



Additional Informations:
------------------------

google dorks: "Powered By:Cute Guestbook"

Vendor Status
-------------

Not informed!

Credits:
--------
omnipresent
omnipresent () email it


Current thread: