by r0t,der4444,cembo,VietMafia

Friday, December 23, 2005

eggblog vuln.

eggblog vuln.

Vuln. discovered by : r0t
Date: 22 dec. 2005
vendor:www.epicdesigns.co.uk/projects/eggblog.php
affected version:eggblog v2.0 and prior


Product Description:

eggblog is a small, simple, secure and open source blogging package. Anyone with a php and mysql enabled server can make use of our easy to install package to create their own personal blog.


Vuln. Description:


1.
eggblog contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to parameters in "home/search.php" and when performing a search isn't properly sanitised before being returned to the user.
This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

2.
It is also possible to disclose the full path to "search.php" by accessing it with an invalid "q" parameter.


Solution:
Edit the source code to ensure that input is properly sanitised.

1 Comments:

Anonymous Egg told...

Items resolved in latest release, v3.0b.

Please remove this post.

6:16 PM

 

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew