[KAPDA::#13] - XMB HTML Injection & Path Disclosure. Nov 17 2005 09:44AM
alireza hassani (trueend5 yahoo com)
[KAPDA::#13] - XMB (extreme message board) HTML
Injection & Path Disclosure.

KAPDA New advisory
Vendor: http://www.xmbforum.com
Bug: HTML Injection & Path Disclosure
Exploitation: Remote with browser

XMB is a free message board powered by PHP and MySQL.

HTML Injection: The software does not properly filter
HTML tags in member.php ["Your Current Mood" field] at
the time of registeration (/member.php?action=reg)
that may allow a remote user to inject HTML/javascript
codes. The hostile code may be rendered in the web
browser of the victim user who will visit the
For example: >> Your Current Mood:
Vulnerable Versions: XMB 1.9.3 Nexus (Final) , XMB
1.9.2 Nexus & also all versins
Path Disclosure:A remote user can supply a specially
crafted URL to cause the system to display an error
message that
discloses the installation path and other data.
Demonstration URL :
Vulnerable Version: XMB 1.9.2 Nexus

There is no vendor-supplied patch for this issue at
this time.
Note: the security patch that released by vendor is
for another vulnerability

Original advisory:

Credit :
Discovered & released by trueend5 (trueend5 kapda ir)
Security Science Researchers Institute Of Iran

Yahoo! Mail - PC Magazine Editors' Choice 2005

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus