================================================================ WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability ================================================================ AUTHOR : CWH Underground DATE : 5 June 2008 SITE : www.citec.us ##################################################### APPLICATION : WEBAlbum VERSION : <= 2.0 VENDOR : http://www.web-album.org/ DOWNLOAD : http://www.web-album.org/en/download/ ##################################################### ------------------------------------------------------ IMPACT: Stored XSS , XSRF , Defacing , etc... ------------------------------------------------------ ---Remote XSS Exploit [add comment section]--- Vulnerable in "add comment" section. That's can input HTML code Injection into comment box then send to server. URL : http://[TARGET]/[webalbum_PATH]/photo_add-c.php POST Variable: comment --> XSS Vulnerabilities POST Variable: id POST Variable: category ################################################################## Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, Win7dos, JabAv0C ##################################################################