Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Guestbooks :: bt474.txt

GuestBookHost : Cross Site Scripting CGI:





-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



              GuestBookHost : Cross Site Scripting


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Program    : GuestBookHost
Url vendor : http://www.nukedweb.com/phpscripts/guestbookhost.php
Problem    : Multiple Cross Site Scripting Vulnerabilities
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Author     : Julien LANTHEA (contact@jlanthea.net)
Www        : jlanthea.net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


DESCRIPTION :
~~~~~~~~~~~~~
GuestBookHost allows you to start your own free guestbook service
for you to offer to other webmasters. Other webmasters can sign
up to your service, get the HTML code for their guestbook, view
the stats, set the colors for their guestbook, and users can log
in later to edit these settings. GuestBookHost also blocks users
from posting multiple times.


PROBLEM :
~~~~~~~~~
When you sign the guestbook, it's possible to include codes into
the 'Name', 'Email' or 'Message' fields. Then when the guestbook
is viewed, the code is executed (client side).


EXPLOIT :
~~~~~~~~~
For example, by including the following javascript code into one
of the 3 fields, the guestbook would be out of service, because when
requested, it would immediatly redirect every clients to 'www.toto.com'.

<script>window.location.replace("http://www.toto.com");</script>


SOLUTION :
~~~~~~~~~~
No solution yet, vendor has been informed by mail.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+96wah1Va+cDKxxQRAh5pAJsHiU9YXTA70bFQ/Ntej950M5uQBACfVWcf
ajgpSvmGc8dbbuyqlfpCZn8=
=VvAI
-----END PGP SIGNATURE-----


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH