Network Security Bugtraq

Software PBLang 4.65 search.php XSS vulnerability

Subject: Software PBLang 4.65 search.php XSS vulnerability
Date: 22 Feb 2005 21:29:19 -0000


 [][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
 []
 [] HRG - Hackerlounge Research Group
 [] Release: HRG001
 [] Friday 11-02-05
 [] Software PBLang 4.65 search.php XSS vulnerability
 []
 [] The author can't be held responsible for any damage
 [] done by a reader. You have your own responsibility
 [] Please use this document like it's meant to.
 []
 [][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
  
 Vulnerable: PBLang 4.65 (current) (and earlier?)  
  
  
 ---  
  
 General information:  
  
 PBLang is an international BBS software based on PHP. It does not require any database but is based on a flat-file system. Many professional features. More info on the project website.
  
  
 ---  
  
 Description:  
  
 The search.php script is vulnerable to an XSS attack by a remote attacker. The searched string is not filtered for any harmful characters like < > and ". This makes it possible for an attacker to trick a user into going to a harmful page and to steal the user's session.
  
  
 ---  
  
 Proof Of Concept:  
  
 Type in the search box "<script language="javascript">alert("Hackerlounge.com pwns joo");</script>" and submit. An alert box with the text "Hackerlounge.com pwns joo" should come up.
  
  
 ---  
  
 Fix and Vendor status:  
  
 The vendor has been notified, expect an official patch soon.
  
  
 ---  
  
Credit: 
 
HRG (Hackerlounge Research Group). 
Hackerlounge.com 
TGS-Security.com 
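
The flaw described under "Description" and one way to close it, as an added example that is not PBLang's code and not part of the original advisory. The function names and the HTML markup are assumptions made for illustration; the sample inputs are constructed, the first being the advisory's own alert() string.

```php
<?php
// Hypothetical search page fragment; NOT taken from PBLang's search.php.

// Vulnerable pattern: the searched string is written into the page unchanged,
// once inside an attribute value and once inside element content.
function render_search_unsafe(string $query): string
{
    return '<input type="text" name="q" value="' . $query . '">' . "\n"
         . '<p>Results for: ' . $query . '</p>';
}

// Output encoding for HTML contexts. < > & are always encoded;
// ENT_QUOTES also encodes " and ', so the value cannot end the attribute early.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: same markup, every use of the query encoded at output time.
function render_search_safe(string $query): string
{
    return '<input type="text" name="q" value="' . h($query) . '">' . "\n"
         . '<p>Results for: ' . h($query) . '</p>';
}

// Constructed sample inputs.
$samples = [
    '<script language="javascript">alert("Hackerlounge.com pwns joo");</script>',
    'say "hi" <b>bold</b>',   // benign markup: still must not alter the page
];

foreach ($samples as $q) {
    echo "--- input: {$q}\n";
    echo "unsafe:\n" . render_search_unsafe($q) . "\n";
    echo "safe:\n" . render_search_safe($q) . "\n";

    // Regression check: none of the characters the advisory names survive encoding.
    $leaks = preg_match('/[<>"]/', h($q)) === 1;
    echo 'raw < > " left after encoding: ' . ($leaks ? 'yes' : 'no') . "\n\n";
}
```

In the unsafe output the first double quote of the input closes the value attribute and the script element is parsed as markup; in the safe output the same characters appear only as entities.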
 