[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Security Advisory: CSS Vulnerability in Web Froums Server 1.6
- To: bugtraq@securityfocus.com
- Subject: Security Advisory: CSS Vulnerability in Web Froums Server 1.6
- From: nimber <nimber@mail.ru>
- Date: Mon, 2 Feb 2004 01:02:18 -0800
Security Advisory: CSS Vulnerability in Web Froums Server 1.6
Data: 27.01.2004
Application: Web Froums Server 1.6
Vendor: www.minihttpserver.net
Versions: 1.6 and <
Shareware :)
Platforms: Windows
Bug: JS/HTML code injection.
Risk: Low
Mini-description [for Forums Web Server v1.6]:
"WebForums Server allows you to setup a bulletin board and
photo/file exchange web service. It offers a built in HTTP engine,
internal database engine, integrated HTML/Script pages, user
management interface, message board engine and a secure file
Upload/Download option. It is without a doubt the easiest and
complet all in one Forum Server software you have seen."
[The information from a site www.minihttpserver.net]
Some time back I wrote about found CSS vulnerability in Web Forums Server.
(The additional information here http://www.rus-sec.org/advisories/ADV10.txt)
But in the new version they were not corrected.
In the new version I have found new of vulnerability.
Which can allow to receive login/password and session ID of any user.
1) At addition of the new message (for example
in a field " Subject: " there is no filtration of the entering data.
There is an opportunity of an insert any JS/HTML code.
2) At loading a new file on server (for example
there is no filtration of the entering data in a field " File Description:"
In result attacking can insert any JS/HTML code, which then will be
executed at opening page (or /sharephoto2.asp
and etc....)
nah nah :-)
For contacts:
icq: 132614
e-mail: nimber@mail.ru
home page: www.rus-sec.org
p.s> Sorry for my bad english ;)
Best regards,
nimber mailto:nimber@mail.ru