|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 GuestBookHost : Cross Site Scripting ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Program : GuestBookHost Url vendor : http://www.nukedweb.com/phpscripts/guestbookhost.php Problem : Multiple Cross Site Scripting Vulnerabilities ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Author : Julien LANTHEA (contact@jlanthea.net) Www : jlanthea.net ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ DESCRIPTION : ~~~~~~~~~~~~~ GuestBookHost allows you to start your own free guestbook service for you to offer to other webmasters. Other webmasters can sign up to your service, get the HTML code for their guestbook, view the stats, set the colors for their guestbook, and users can log in later to edit these settings. GuestBookHost also blocks users from posting multiple times. PROBLEM : ~~~~~~~~~ When you sign the guestbook, it's possible to include codes into the 'Name', 'Email' or 'Message' fields. Then when the guestbook is viewed, the code is executed (client side). EXPLOIT : ~~~~~~~~~ For example, by including the following javascript code into one of the 3 fields, the guestbook would be out of service, because when requested, it would immediatly redirect every clients to 'www.toto.com'. <script>window.location.replace("http://www.toto.com");</script> SOLUTION : ~~~~~~~~~~ No solution yet, vendor has been informed by mail. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+96wah1Va+cDKxxQRAh5pAJsHiU9YXTA70bFQ/Ntej950M5uQBACfVWcf ajgpSvmGc8dbbuyqlfpCZn8= =VvAI -----END PGP SIGNATURE-----