Wireclub.com - XSS & cookie disclosure
Wireclub.com
Homepage:
http://www.wireclub.com
Effected files:
input boxes of editing a profile
XSS Vuln with no filter evasion at all:
<IMG SRC=javascript:alert('XSS')>
We notice that when trying to put a url in the Open line about yourself input
box, we get the msg "no urls allowed" as well as "the field cannot contain
profanity (since i'm using youfucktard), One way to bypass this msg is change
the whole url to decimal value. or just parts of it; ie: http:// or the ending
of it, as well as part of the word "fuck"
PoC:
http://youfucktard.com
Screenshots:
http://www.youfucktard.com/xsp/wire1.jpg
http://www.youfucktard.com/xsp/wire2.jpg
http://www.youfucktard.com/xsp/wire3.jpg
XSS Vuln in same edit box, this time writing the cookie on screen:
[img src="javascript:document.write(document.cookie)"]
Screenshots:
http://www.youfucktard.com/xsp/wire4.jpg
http://www.youfucktard.com/xsp/wire5.jpg