TUCoPS :: Web :: Apps :: b06-1241.htm

G-Book 1.0 XSS And Other Vulnerabilities
HYSA-2006-006 G-Book 1.0 XSS And Other Vulnerabilities
HYSA-2006-006 G-Book 1.0 XSS And Other Vulnerabilities



------------------------------------------------------
      HYSA-2006-006 h4cky0u.org Advisory 015
------------------------------------------------------
Date - Mon March 27 2006


TITLE:
=====
G-Book 1.0 XSS, Possible authentication bypass & mass message flood


SEVERITY:
========
High


SOFTWARE:
========
G-Book 1.0 

Support Website - http://www.6al.net/six/ 


INFO:
====
G-book is extremely simple to customize and publish. There is no need for a MySQL Database. The script incorporates features 

such as administration panel, MESSAGE APPROVAL, smilies, divided posts by pages etc. Its graphics can be altered effortlessly 

through the CSS file. In addition, G-book supports multiple languages. 


DESCRIPTION:
===========
G-Book 1.0 is vulnerable to a XSS attack and you can also get admin access to the guestbook if the user hasn't deleted his 

cookie.

--==XSS==--

In the message board post a message with something like this:



Another bug in G-Book is that a user can post as many messages as he wants to.


FIX:
===
htmlspecialchars + a logout button which will destroy the cookies and post cotrol.


VENDOR RESPONSE:
===============
Bug will be fixed in the next version.


CREDITS:
=======
- This vulnerability was discovered and researched by matrix_killer of h4cky0u Security Forums -

mail : matrix_k at abv.bg

web : http://www.h4cky0u.org 


- Co-Researcher -

h4cky0u of h4cky0u Security Forums.

mail : h4cky0u at gmail.com

web : http://www.h4cky0u.org 

Greets to all omega-team members + krassswr,EcLiPsE and all who support us !!!


ORIGINAL ADVISORY:
=================
http://www.h4cky0u.org/advisories/HYSA-2006-006-g-book.txt 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH