TUCoPS :: Web :: Guestbooks :: b06-3481.htm

Sport-slo.net Guestbook v1.0



Advanced Guestbook v1.0

Homepage:
http://www.sport-slo.net/

Affected files:
guestbook.php

-----------------------------------------------

XSS vuln on guestbook.php:

Data isn't sanitized before being written to guestbook.txt and displayed on screen. The code:

<?php
// Excerpt from guestbook.php as quoted in the advisory. $ip and $date are
// used but not defined here; they are presumably set earlier in the script
// (not shown in the excerpt). Neither $_POST['name'] nor $_POST['form'] is
// escaped or validated before being stored and later echoed back to visitors.
if($_POST['action'])
{
  if($_POST['name'] && $_POST['form'])
  {
    $action = $_POST['name'] . "@" . $_POST['form'] . "@" . $ip . "@" . $date . "\n";

    $handler = fopen("guestbook.txt", "a");
    fputs($handler, $action);
    fclose($handler);

    print "Thank you!";
  }
}

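The same write-and-display path with the missing escaping added, as an added example that is not the guestbook's own code. It keeps the flat-file record format the excerpt uses (name@message@ip@date, one record per line) and the guestbook.txt file name; the field name "form" for the message, the render_entries() function and the constants are assumptions of this example. The fix for the XSS is to HTML-escape every stored field at the point it is rendered; stripping control characters and the "@" delimiter before writing additionally keeps a submission from breaking the record format.

```php
<?php
// Added example, not the project's code: hardened guestbook write/display path.
// Assumes the record format name@message@ip@date and guestbook.txt as in the advisory.
declare(strict_types=1);

const GUESTBOOK_FILE = 'guestbook.txt';   // same file as the original script
const MAX_FIELD_LEN  = 2000;              // assumed cap, not from the advisory

/**
 * Normalise a user-supplied field before it is stored.
 * The record is delimited by "@" and "\n", so those characters (and other
 * ASCII control characters) are removed so an entry cannot forge or split records.
 */
function sanitize_field(string $value): string
{
    $value = preg_replace('/[\x00-\x1F\x7F]/', '', $value) ?? '';
    $value = str_replace('@', '[at]', $value);        // "@" is the field delimiter
    return mb_substr(trim($value), 0, MAX_FIELD_LEN); // mbstring assumed available
}

/**
 * HTML-escape at output time. This is the actual XSS fix: whatever was stored,
 * the browser receives text, not markup. ENT_QUOTES also covers attribute contexts.
 */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function append_entry(string $name, string $message, string $ip, string $date): void
{
    $record = implode('@', [sanitize_field($name), sanitize_field($message), $ip, $date]) . "\n";
    // LOCK_EX prevents interleaved writes from concurrent submissions
    file_put_contents(GUESTBOOK_FILE, $record, FILE_APPEND | LOCK_EX);
}

function render_entries(): string
{
    if (!is_file(GUESTBOOK_FILE)) {
        return '';
    }
    $html = '';
    foreach (file(GUESTBOOK_FILE, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        $parts = explode('@', $line, 4);
        if (count($parts) !== 4) {
            continue; // malformed record: skip rather than guess
        }
        [$name, $message, , $date] = $parts;  // IP is stored but not shown to visitors
        $html .= '<div class="entry"><b>' . h($name) . '</b> (' . h($date) . ')<br>'
               . h($message) . "</div>\n";
    }
    return $html;
}

// Same request shape as the original: POST with action, name and form (the message).
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['action'])) {
    if (!empty($_POST['name']) && !empty($_POST['form'])) {
        append_entry(
            (string)$_POST['name'],
            (string)$_POST['form'],
            $_SERVER['REMOTE_ADDR'] ?? '',
            date('Y-m-d H:i')
        );
        echo 'Thank you!';
    }
}

echo render_entries();
```

Escaping is done in h() at render time rather than before storage so the file keeps the visitor's original text and the same escaping applies no matter which page later displays the entries; sanitize_field() only protects the storage format. A quick check is to submit a name containing a literal "<b>" and confirm the rendered page shows the characters rather than bold text.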
For a PoC as your name or opinion put:


It should also be noted that this script comes with the dir /guestbook/ and inside that is the cjGuestbook v1.2. v1.3 (which is a newer version) of cj's guestbook has XSS vulns which I've submitted before.
