EV0004.txt

2006-01-04T00:00:00
ID PACKETSTORM:42766
Type packetstorm
Reporter Aliaksandr Hartsuyeu
Modified 2006-01-04T00:00:00

Description

                                        
                                            `New eVuln Advisory:  
Chipmunk Guestbook XSS Vulnerability  
  
--------------------Summary----------------  
Vendor: Chipmunk (http://www.chipmunk-scripts.com/)  
Software: Chipmunk Guestbook  
Versions: 1.4 and earlier  
Critical Level: Harmless  
Type: Cross-Site Scripting  
Class: Remote  
Status: Unpatched  
Exploit: Available  
Solution: Not Available  
Discovered by: Aliaksandr Hartsuyeu (alex@evuln.com)  
Published: 2005.12.29  
eVuln ID: EV0004  
  
-----------------Description--------------  
Vulnerable script:  
addentry.php  
  
Variable $homepage isn't properly sanitized. This can be used to post arbitrary script code which will be executed in the browser of every guestbook visitor.  
Cookie-based authentication is threatened.  
  
--------------Exploit---------------------  
Add an entry form:  
http://somesite/guestbook/addentry.php  
  
Homepage value: '></a><script>alert(123);</script>  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit---------------------  
Original Advisory:  
http://evuln.com/vulns/4/summary.html  
  
Discovered by: Aliaksandr Hartsuyeu (alex@evuln.com)  
`