ASP Discussion Forum Like the one on FreeVBCode.com Remote XSS Exploit

SECURITYVULNS:DOC:12931
Published: Jun 02, 2006
Source: vulners.com


-= ASP Discussion Forum Like the one on FreeVBCode.com =-

Omnipresent
June 01, 2006

Vulnerability(s):

Cross-site scripting (XSS)

Product:

ASP Discussion Forum Like the one on FreeVBCode.com

Vendor:

http://www.freevbcode.com/ShowCode.Asp?ID=864

Description of product:

ASP Discussion Forum Like the one on FreeVBCode.com

Author: Intelligent Solutions Inc. (Featured Developer)
Category: ASP, HTML, and XML
Type: Applications
Difficulty: Advanced

Vulnerability / Exploit:

The application is vulnerable to a reflected XSS attack in its Search function.

In forum_search.asp the variable search, submitted from the search form on default.asp, is not sanitized or HTML-encoded before it is written back into the page. An attacker can therefore inject script into the search term, and it executes in the browser of any user who submits that term or follows a crafted search link.

PoC / Proof of Concept:

Enter the following in the Search Forum field (the search variable) and submit the form:

<script>alert("XSS Attack")</script>

The results page displays an alert box reading "XSS Attack", which shows that the search input is returned in the page unencoded.
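The reflection described above, as an added example that is not part of the original advisory or the forum's code. It is written in JavaScript rather than the product's VBScript so it runs stand-alone: the two render functions are assumed templates that model what forum_search.asp does with the search parameter (echo it raw, versus HTML-encode it first), and the check function is the test a practitioner would run against a real response to see whether a probe comes back unencoded. The equivalent fix in classic ASP is to pass every echo of Request("search") through Server.HTMLEncode.

```javascript
// Added example: models the reflected XSS in forum_search.asp and its fix.
// The templates below are assumptions about what the page renders; they are
// not copied from the product.

// Encodes the characters that matter in an HTML text node or a
// double-quoted attribute value (what Server.HTMLEncode does in classic ASP).
function htmlEncode(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;");
}

// Vulnerable render: the search term is written straight into the markup,
// both in a text node and inside an attribute, as the advisory describes.
function renderSearchVulnerable(search) {
  return `<h2>Search results for: ${search}</h2>\n` +
         `<input type="text" name="search" value="${search}">`;
}

// Hardened render: same page, every reflected copy passes through htmlEncode.
function renderSearchFixed(search) {
  const safe = htmlEncode(search);
  return `<h2>Search results for: ${safe}</h2>\n` +
         `<input type="text" name="search" value="${safe}">`;
}

// Reflection check: does the raw probe string appear verbatim in the body?
// True means the input reached the page without encoding.
function isReflectedUnencoded(body, probe) {
  return body.includes(probe);
}

// Probes (constructed): the advisory's PoC payload, and an attribute-breakout
// variant that also matters because the term is echoed inside value="...".
const POC = '<script>alert("XSS Attack")</script>';
const BREAKOUT = '"><script>alert(1)</script>';

// Usage: compare both renders against the same payloads.
const vulnerablePoc = isReflectedUnencoded(renderSearchVulnerable(POC), POC);
const fixedPoc = isReflectedUnencoded(renderSearchFixed(POC), POC);
const vulnerableBreakout = isReflectedUnencoded(renderSearchVulnerable(BREAKOUT), BREAKOUT);
const fixedBreakout = isReflectedUnencoded(renderSearchFixed(BREAKOUT), BREAKOUT);
```

The check is deliberately simple: it only tells you whether the probe survived intact, which is the question the PoC answers. Against a live target, substitute the HTTP response body for the render functions and keep the probe unique so a match cannot come from unrelated page content.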

Vendor Status:

Vendor not notified.

Credits:

omnipresent
[email protected]