[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani
From: irancrash@xxxxxxxxx
Date: Fri, 18 Dec 2009 10:52:52 -0700

|| Script : SMF (Simple Machine Forum) 1.1.11
|| Vulnerability Type : Active XSS ( Active Cross Site Scripting )
|| Risk : Low

|| Discovered By Khashayar Fereidani
|| http://ircrash.com http://bugtraq.ircrash.com


|| Note :

For use this vulnerability you need access to censor words panel .
1.First login and go to : 
http://site/path/index.php?action=postsettings;sa=censor
click on "Click here to add another word." for add new row .
set new text box : ircrash => "<script>alert('Vulnerable')</script>
and save page .
2.Open new typic and set title : ircrash , fill all fields and post typic .
3.Open forum home page . you see alert : Vulerable

You can set any html or java script code . hackers can home deface forum or set 
activex for virus .

|| Solution : filter censor page variables with htmlspecialchars .
|| Tnx : Only For God

Prev by Date: [USN-875-1] Red Hat Cluster Suite vulnerabilities
Next by Date: [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities
Previous by thread: [USN-875-1] Red Hat Cluster Suite vulnerabilities
Next by thread: [USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities
Index(es):
- Date
- Thread