SnapStream PVS is a Personal Video Station software. It allows the user to
remotely
schedule recordings and playing of Tv shows using video tapes and cable TV.
When the webserver hosting SnapStream PVS LITE recieves a
'GET /?<script>alert('XSS')</script>' its ignores it, the data gets filtered
as it should.
But when it recieves a 'GET /?"><script>alert('XSS')</script>' the filters
are bypassed
and XSS appears and the server allows an attacker to inject & execute
scripts.
Application: SnapStream PVS
Vendor : http://www.snapstream.com
Versions: LITE
Platforms: Windows/Unix
Bug: Cross Site Scripting Vulnerabillity
Risk: Low
Exploitation: Remote with browser
Date: 6 Jan 2004
Author: Rafel Ivgi, The-Insider
e-mail: the_insider (at) mail (dot) com [email concealed]
web: http://theinsider.deep-ice.com
#######################################################################
1) Introduction
2) Bug
3) The Code
#######################################################################
===============
1) Introduction
===============
SnapStream PVS is a Personal Video Station software. It allows the user to
remotely
schedule recordings and playing of Tv shows using video tapes and cable TV.
#######################################################################
======
2) Bug
======
When the webserver hosting SnapStream PVS LITE recieves a
'GET /?<script>alert('XSS')</script>' its ignores it, the data gets filtered
as it should.
But when it recieves a 'GET /?"><script>alert('XSS')</script>' the filters
are bypassed
and XSS appears and the server allows an attacker to inject & execute
scripts.
#######################################################################
===========
3) The Code
===========
http://<host>/?"><script>alert('XSS')</script>
#######################################################################
---
Rafel Ivgi, The-Insider
http://theinsider.deep-ice.com
"Things that are unlikeable, are NOT impossible."
[ reply ]