Emefa Guestbook 1.2 is reportedly vulnerable to HTML injection because user-supplied input is not properly sanitized.
Ref: SS#17082005
SYSTEMSECURE.ORG - Advisory/Exploit
* PUBLIC ADVISORY *
Software:
Emefa Guestbook v1.2
Link:
http://www.emefa.myserver.org/comp/guestview.php
Attacks:
HTML Injection Vulnerability
Discovered by:
David Sopas Ferreira [SmOk3] » smok3f00 at gmail.com
-- ! Description !--
Emefa Guestbook is reportedly vulnerable to HTML injection because the application fails to properly sanitize user-supplied input. The problem is in the file "sign.asp", in the name, email, location and message fields. An attacker could exploit this issue to control how the site is rendered to the user; other attacks are also possible.
PoC:
All fields on "sign.asp":
<h1>can be exploited</h1>
-- ! Solution !--
Filter malicious code out of these variables.
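The fix sketched as an added example, not code from the advisory or from Emefa Guestbook: a guestbook entry rendered without and with output encoding, using the PoC string in all four fields. The Python functions, the HTML template and the email shape check are assumptions standing in for sign.asp, whose source is not shown here.

```python
import html
import re
from urllib.parse import quote

# The four sign.asp fields named in the advisory.
FIELDS = ("name", "email", "location", "message")
# Deliberately strict address shape (an assumption, not the application's rule).
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Hypothetical entry markup; the real guestbook template is not on the page.
TEMPLATE = ('<div class="entry"><b>{name}</b> ({location}) {email}'
            '<p>{message}</p></div>')


def render_vulnerable(entry):
    """Before: submitted values are concatenated into the page unchanged."""
    values = {f: entry.get(f, "") for f in FIELDS}
    return TEMPLATE.format(**values)


def render_hardened(entry):
    """After: every field is HTML-encoded when it is written to the page."""
    values = {f: html.escape(str(entry.get(f, "")), quote=True) for f in FIELDS}
    raw_email = str(entry.get("email", ""))
    if EMAIL_RE.fullmatch(raw_email):
        # The address also lands inside an href attribute: percent-encode it
        # for the URL, then HTML-encode it for the attribute value.
        href = html.escape("mailto:" + quote(raw_email, safe="@"), quote=True)
        values["email"] = '<a href="{}">{}</a>'.format(href, values["email"])
    # An address that fails the shape check is shown as encoded text only.
    return TEMPLATE.format(**values)


# Constructed sample entry: the advisory's PoC string in every field.
POC = "<h1>can be exploited</h1>"
SAMPLE = {f: POC for f in FIELDS}

if __name__ == "__main__":
    print(render_vulnerable(SAMPLE))
    print(render_hardened(SAMPLE))
```

In classic ASP, the built-in Server.HTMLEncode performs the same encoding step for each value written to the page.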
-- ! Vendor !--
Contacted; did not reply.
<base64>Rm9y52EgUG9ydHVnYWw=</base64>
-EOF-