Eggblog v3.1.0 XSS Vulnerability

Type securityvulns
Reporter Securityvulns
Modified 2007-11-12T00:00:00


H - Security Labs
Eggblog v3.1.0 Security Advisory
Advisory ID : HSEC#20071111

General Information

Name : EggBlog v.3.1.0
Vendor HomePage :
Platforms : PHP && MySQL
Vulnerability Type : Input Validation Error


08 October 2007 -- Vendor Contacted
30 October 2007 -- Vendor Replied
11 November 2007 -- New Release
11 November 2007 -- Advisory Released

What is Eggblog

eggblog is a free PHP & MySQL blogging package. Features include an internal search engine, photo albums, forums, plug-ins, guest comments to blog articles, automatic monthly archiving of blog articles and RSS XML feeds for both the blog and forums. I discovered the security holes when I was testing it for my personal web blog.

Vulnerability Overview

The home/rss.php script is vulnerable to XSS attacks.

Details About Vulnerability

XSS Vulnerability(home/rss.php)

In rss.php, lines 6-7, $_SERVER['PHP_SELF'] is written into the output unfiltered, which can be used for XSS attacks.

Affected fragment (as it appears in the original advisory):

    PHP_SELF'])."/rss/blog.php</a></li> <a


An attacker can successfully launch an XSS attack by appending the payload to the URL after home/rss.php. For example: <script>alert(1)</script>
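The sink described above, as an added PHP example that is not Eggblog's own code: the unsafe pattern beside two hardened versions. The exact expression in rss.php is not reproduced; the function names and the way the feed link is assembled are assumptions of this example.

```php
<?php
// Added example, not Eggblog's code. Shows why writing $_SERVER['PHP_SELF']
// into the page is a reflected XSS sink and two ways to close it. The exact
// expression rss.php used is not reproduced; the function names and the way
// the feed link is assembled here are this example's assumptions.

// Unsafe pattern: PHP_SELF includes whatever PATH_INFO the client appended
// after the script name, so the request path lands in the link text raw.
function feed_link_unsafe(string $phpSelf): string
{
    $url = $phpSelf . '/rss/blog.php';
    return '<li><a href="' . $url . '">' . $url . '</a></li>';
}

// Fix 1: keep PHP_SELF but escape it for HTML. ENT_QUOTES also encodes quotes,
// so the value is inert both inside the attribute and in the link text.
function feed_link_escaped(string $phpSelf): string
{
    $url = htmlspecialchars($phpSelf . '/rss/blog.php', ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<li><a href="' . $url . '">' . $url . '</a></li>';
}

// Fix 2 (preferred): do not read the request path at all. SCRIPT_NAME is the
// server-side path of the running script and carries no PATH_INFO; it is
// still escaped because it ends up inside HTML.
function feed_link_from_script(string $scriptName): string
{
    $url = htmlspecialchars(dirname($scriptName) . '/rss/blog.php', ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<li><a href="' . $url . '">' . $url . '</a></li>';
}

// Constructed request values: the advisory's payload appended after home/rss.php.
$phpSelf    = '/home/rss.php/<script>alert(1)</script>';
$scriptName = '/home/rss.php';

echo feed_link_unsafe($phpSelf), PHP_EOL;         // <script> reaches the browser as markup
echo feed_link_escaped($phpSelf), PHP_EOL;        // &lt;script&gt; is rendered as plain text
echo feed_link_from_script($scriptName), PHP_EOL; // /home/rss/blog.php, no request data used
```

Fix 2 is the one to prefer: the feed link is a fixed location relative to the script, so nothing from the request needs to reach the page at all.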


Download the new release : EggBlog v3.1.1


The vulnerabilities were found on 08 October 2007 by Mesut Timur <> of H - Security Labs, Gebze Institute of Technology, Computer Engineering.

References
Original Advisory :

Mesut TIMUR, H - Security Labs, Security Editor, GYTE Computer Engineering