BugTraq
Back to list
|
Post reply
[XSS] paBox 1.6
Mar 03 2005 09:52AM
Rift (Sean Sage-web com)
Just wanted to let it be known seeing as i havent seen any info on this yet, ive discovered a cross scripting problem in PABox 1.6
http://phpnuke.org/modules.php?name=News&file=article&sid=5065
they give a demo page of pabox there. if you take the default form used for the shoutbox, there are always two parameters marked as hidden:
<input type="hidden" name="date"...
and
<input type="hidden" name="time"...
you can easily extract the form from anysite's pabox and change the date value to "text" and inject scripting code into it.. for example
<h1><marquee><script>document.write(document.cookie);</script&g
t;</marquee></h1><noscript>
obviously your code can be modified to do anything of your liking.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Just wanted to let it be known seeing as i havent seen any info on this yet, ive discovered a cross scripting problem in PABox 1.6
http://phpnuke.org/modules.php?name=News&file=article&sid=5065
they give a demo page of pabox there. if you take the default form used for the shoutbox, there are always two parameters marked as hidden:
<input type="hidden" name="date"...
and
<input type="hidden" name="time"...
you can easily extract the form from anysite's pabox and change the date value to "text" and inject scripting code into it.. for example
<h1><marquee><script>document.write(document.cookie);</script&g
t;</marquee></h1><noscript>
obviously your code can be modified to do anything of your liking.
[ reply ]