TUCoPS :: Web :: Apps :: b06-2808.htm

i.List <= 1.5 - XSS

[MajorSecurity #10] i.List <= 1.5 - XSS
----------------------------------------

Software: i.List

Version: <= 1.5

Type: XSS

Date: June 8th, 2006

Vendor: Skoom

Page: http://skoom.de


Credits:
-------------------------------

David 'Aesthetico' Vieira-Kurz

http://www.majorsecurity.de


Affected Products:
-------------------------------

i.List 1.5 and prior


Description:
-------------------------------

i.List is a PHP/MySQL toplist script.

Requirements:
-------------------------------

register_globals = On


Vulnerability:
-------------------------------

Input passed to the search input box in "search.php", and to the 'URL' and 'ButtonURL'
input boxes in "add.php", is not properly filtered or validated before it is used.
This can be exploited to inject arbitrary HTML and script code into the page (XSS).

Solution:
-------------------------------

Edit the source code to ensure that input is properly sanitised (HTML-encode it before output).
Set "register_globals" to "Off".

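The sanitising fix described above, as an added PHP illustration that is not i.List's own code: the vulnerable output pattern is a hypothetical reconstruction of how a register_globals-era script reflects these three fields, followed by a hardened version of the same output; all function names and the sample input are assumptions.

```php
<?php
// Added illustration (not i.List's own code). The "vulnerable" function is a
// hypothetical reconstruction of the pattern the advisory describes: request
// values land in the page unescaped. The "hardened" one reads explicitly from
// the request array, escapes everything for HTML, and only accepts http(s) URLs.

// --- Vulnerable pattern (hypothetical) -------------------------------------
// With register_globals=On these three variables are populated straight from
// the query string / form fields and then echoed into HTML and attributes.
function render_vulnerable(string $search, string $url, string $buttonurl): string {
    return "<p>Results for: $search</p>\n"
         . "<a href=\"$url\"><img src=\"$buttonurl\" alt=\"\"></a>\n";
}

// --- Hardened version -------------------------------------------------------
// Escape a string for use in HTML text or inside a quoted attribute value.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Accept only absolute http:// or https:// URLs; anything else (javascript:,
// data:, values containing quotes or spaces) yields '' and is not emitted.
function safe_url(string $url): string {
    $url = trim($url);
    if (!preg_match('#^https?://#i', $url)) {
        return '';
    }
    return filter_var($url, FILTER_VALIDATE_URL) !== false ? $url : '';
}

function render_hardened(array $request): string {
    // Read named fields explicitly instead of relying on register_globals.
    $search    = h((string)($request['search'] ?? ''));
    $url       = safe_url((string)($request['URL'] ?? ''));
    $buttonurl = safe_url((string)($request['ButtonURL'] ?? ''));

    $out = "<p>Results for: $search</p>\n";
    if ($url !== '' && $buttonurl !== '') {
        $out .= "<a href=\"" . h($url) . "\"><img src=\"" . h($buttonurl) . "\" alt=\"\"></a>\n";
    }
    return $out;
}

// Constructed sample input: the classic XSS probes a tester would submit.
$sample = [
    'search'    => '<script>alert(1)</script>',
    'URL'       => 'javascript:alert(1)',
    'ButtonURL' => 'http://example.com/x.png" onerror="alert(1)',
];
echo render_vulnerable($sample['search'], $sample['URL'], $sample['ButtonURL']);
echo render_hardened($sample);
```

Run it from the command line with `php`; the first block echoes the probes verbatim, the second prints the search term as inert text and drops both link fields because neither passes `safe_url()`.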
Exploitation:
-------------------------------
In the inputbox of /search.php:
Search for: 

In the inputbox 'URL' of add.php:
Type in as URL: 

In the inputbox 'ButtonURL' of add.php:
Type in as URL: 
