by r0t,der4444,cembo,VietMafia

Thursday, December 15, 2005

SiteNet BBS XSS vuln

SiteNet BBS XSS vuln
Vuln. discovered by : r0t
Date: 15 dec. 2005
vendor:www.focalmedia.net/sitenetbbs.html
affected version:2.0 and prior


Product Description:

Fast, customizable, moderation, upload of user images, user profiles, optional user registration, emoticons, e-mail notification and many other features. Also comes with extensive admin and moderator admin panels to manage all aspects of your forums. Also included is a special setup interface to ensure easy installation.


Vuln.description:

SiteNet BBS contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "pg" "tid" "cid" "fid" paremters isn't properly sanitised before being returned to the user.
This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.


examples:

/netboardr.cgi?fid=929&cid=926&tid=965&pg=[XSS]
/netboardr.cgi?fid=929&cid=926&tid=[XSS]
/netboardr.cgi?fid=929&cid=[XSS]
/netboardr.cgi?fid=[XSS]
/search.cgi?cid=[XSS]



Solution:
Edit the source code to ensure that input is properly sanitised.

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew