E-School Management System XSS vuln. and Web Quiz pro XSS vuln.

2006-03-27T00:00:00
ID SECURITYVULNS:DOC:11960
Type securityvulns
Reporter Securityvulns
Modified 2006-03-27T00:00:00

Description

E-School Management System XSS vuln.

Vuln. discovered by : r0t Date: 27 march 2006 vendor:www.calorisplanitia.com/e-school-management-system.aspx affected versions: 1.0 and prior orginal advisory: http://pridels.blogspot.com/2006/03/e-school-management-system-xss-vuln.html

Vuln. description:

E-School Management System contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "msg" parameter in "default.asp" isn't properly sanitised before being returned to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

/default.asp?msg=[XSS]

Solution: Edit the source code to ensure that input is properly sanitised.

More information @ unsecured-systems.com/forum/

Web Quiz pro XSS vuln.

Vuln. discovered by : r0t Date: 27 march 2006 vendor:www.calorisplanitia.com/online-quiz-system.aspx affected versions: pro orginal advisory: http://pridels.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html

Vuln. description:

Web Quiz pro contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "exam" parameter in " prequiz.asp" and "msg" parameter in "student.asp" isn't properly sanitised before being returned to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

/prequiz.asp?examid=1&exam=[XSS] /student.asp?msg=[XSS]

Solution: Edit the source code to ensure that input is properly sanitised.

More information @ unsecured-systems.com/forum/