MCG GuestBook 1.0 Cross Site Scripting

Type packetstorm
Reporter Aliaksandr Hartsuyeu
Modified 2010-11-24T00:00:00


                                            `New eVuln Advisory:  
Multiple XSS in MCG GuestBook  
eVuln ID: EV0144  
Software: MCG GuestBook  
Vendor: Mrcgiguy  
Version: 1.0  
Critical Level: low  
Type: Cross Site Scripting  
Status: Unpatched. No reply from developer(s)  
PoC: Available  
Solution: Not available  
Discovered by: Aliaksandr Hartsuyeu ( )  
All vulnerabilities found in gb.cgi script. It doesn't have proper XSS sanitation filters.  
XSS vulnerable parameters:  
* name  
* email  
* website  
* message  
All these parameters are not sanitized.   
This can be used to insert any html or script code.   
Admin panel is vulnerable also  
XSS poc code  
All form parameters dont pass any XSS sanitation filters.  
XSS Examples.   
Parameter "name": <script>alert('XSS Vuln')</script>   
Parameter "email": "<script>alert('Vulnerable')</script>   
Parameter "website": "<script>alert('Vulnerable')</script>   
Parameter "message": <script>alert('XSS Vuln')</script>  
Not available  
Vulnerability discovered by Aliaksandr Hartsuyeu - online php source analyzer.