Hello, Thanks for this bug report. I have released an updated version which includes a fix (FDSE version 2.0.0.0055). For the folks at securitybugware.org and securityfocus.com, would you please include a mention of this update if you issue a report. Thanks, Zoltan Milosevic (360) 944-8387 Fluid Dynamics Search Engine http://www.xav.com/scripts/search/ -----Original Message----- From: valdeux [mailto:valdeux@aol.com] Sent: Wednesday, July 10, 2002 7:40 AM To: scripts@nickname.net; contact@securitybugware.org; bugtraq@securityfocus.com; valdeux@aol.com Subject: XSS Hole in Fluid Dynamics Search engine Name : FD Search Engine Vendor : Fluid Dynamics - http://www.xav.com Version : Probably all Demo : http://www.xav.com/search.pl Note : Sorry for my poor english ... ------------------------------------- PROBLEM For a multiple result pages search, the script uses the variable Rank wich contains current result number. Anything could be written into, including HTML tags. EXEMPLE http://www.xav.com/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhit s=10& Rank=<br><h1>XSS</h1> Note : it works because "test" returns several pages. SOLUTION None yet.
