#######################################################################

Application: SnapStream PVS
Vendor : http://www.snapstream.com
Versions: LITE
Platforms: Windows/Unix
Bug: Cross Site Scripting Vulnerabillity
Risk: Low
Exploitation: Remote with browser
Date: 6 Jan 2004
Author: Rafel Ivgi, The-Insider
e-mail: [email protected]
web: http://theinsider.deep-ice.com

#######################################################################

1) Introduction
2) Bug
3) The Code

#######################################################################

===============
1) Introduction

SnapStream PVS is a Personal Video Station software. It allows the user to
remotely
schedule recordings and playing of Tv shows using video tapes and cable TV.

#######################################################################

======
2) Bug

When the webserver hosting SnapStream PVS LITE recieves a
'GET /?<script>alert('XSS')</script>' its ignores it, the data gets filtered
as it should.
But when it recieves a 'GET /?"><script>alert('XSS')</script>' the filters
are bypassed
and XSS appears and the server allows an attacker to inject & execute
scripts.

#######################################################################

===========
3) The Code

http://<host>/?"><script>alert('XSS')</script>

#######################################################################

Rafel Ivgi, The-Insider
http://theinsider.deep-ice.com

"Things that are unlikeable, are NOT impossible."