CuteGuestbook XSS attack
------------------------------------------------------------------
- Cute Guestbook Remote XSS Exploit -
-= http://colander.altervista.org/advisory/CuteGuestbook.txt =-
------------------------------------------------------------------
-= Cute Guestbook =-
Omnipresent
May 04, 2006
Vunerability(s):
----------------
XSS Exploit
Product:
--------
Cute Guestbook
Vendor:
--------
http://www.scriptsez.net/index.php?action=detail&id=1086399301
Description of product:
-----------------------
PHP based guestbook requires no configuration and no database. Features: Bad
words filter, number of messages per page,
total messages to keep in record, emoticons with comments and much more.
Platform(s): linux, windows
Date Added: Jun 5, 2004
Last Updated: Feb 11, 2006
Author: Scriptsez Inc.
Vulnerability / Exploit:
------------------------
The applications Cute Guestbook is vulnerable to an XSS (Cross-Site Scripting)
Attack.
PoC / Proof of Concept:
-----------------------
An attacker can go to this URL:
http://www.victim_host/[path]/guestbook.php?action=sign
or
http://www.victim_host/[path]/guestbook.php
and then click on:
Click here to sign our Guestbook
Then insert in the field Name the Nick and in the field Comments put XSS like:
<script>alert("You are vulnerabile to XSS")</script>
Additional Informations:
------------------------
google dorks: "Powered By:Cute Guestbook"
Vendor Status
-------------
Not informed!
Credits:
--------
omnipresent
omnipresent@xxxxxxxx