Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Guestbooks :: b06-3478.htm

PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities



PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities
PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities



/*=0D
--------------------------------------------------------=0D
[N]eo [S]ecurity [T]eam [NST]? - Advisory #23 - 07/07/06=0D
--------------------------------------------------------=0D
Program: PBL Guestbook=0D
Homepage: www.pixelatedbylev.com=0D 
Vulnerable Versions: 1.32 and lower.=0D
Risk: High!=0D
Impact: Critical Risk=0D
=0D
-==PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities==-=0D
---------------------------------------------------------=0D
=0D
- Description=0D
---------------------------------------------------------=0D
PBL Guestbook fully functional guestbook loaded with tons of features and packed for premium optimization and performance.=0D
=0D
- Tested=0D
---------------------------------------------------------=0D
PBL Homepage & other sites=0D
=0D
- Explotation=0D
---------------------------------------------------------=0D
=0D
1)=0D
=0D
Vulnerable code:=0D
=0D
=0D
==[ pblguestbook.php 164-183 ]===========================0D
[...]=0D
if ($id){=0D
foreach ($_POST as $name => $value)=0D
	{=0D
	$_POST["$name"] = str_replace("\n","
",$value);=0D }=0D foreach ($_POST as $name => $value)=0D {=0D $_POST["$name"] = str_replace("\t","",$value);=0D }=0D foreach ($_POST as $name => $value)=0D {=0D $_POST["$name"] = str_replace("\r","",$value);=0D }=0D foreach ($_POST as $name => $value)=0D {=0D $_POST["$name"] = str_replace('|',"¦",$value);=0D }=0D foreach ($_POST as $name => $value)=0D {=0D $_POST["$name"] = preg_replace("/\(.*?)\<\/SCRIPT(.*?)\>/i", "SCRIPT BLOCKED", $value);=0D }=0D [...] =0D ==[ end pblguestbook.php ]===========================0D =0D How we can see the script only do some replaces. Only the

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH