[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    [XSS] paBox 1.6
From:       Rift <Sean () Sage-web ! com>
Date:       2005-03-03 9:52:11
Message-ID: 20050303095211.14053.qmail () www ! securityfocus ! com
[Download RAW message or body]



Just wanted to let it be known seeing as i havent seen any info on this yet, ive \
discovered a cross scripting problem in PABox 1.6 

http://phpnuke.org/modules.php?name=News&file=article&sid=5065

they give a demo page of pabox there.  if you take the default form used for the \
shoutbox, there are always two parameters marked as hidden:

<input type="hidden" name="date"...
and
<input type="hidden" name="time"...


you can easily extract the form from anysite's pabox and change the date value to \
"text" and inject scripting code into it.. for example

<h1><marquee>&lt;script&gt;document.write(document.cookie);&lt;/script&gt;</marquee></h1><noscript>


obviously your code can be modified to do anything of your liking.


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic