------------------------------------------------------
Nightmare TeAmZ Advisory 004
------------------------------------------------------
Date - 11/2005
EGuest PRO


AFFECTED PRODUCTS
=================
EGuest PRO 4.0 Guestbook
http://www.esoftpro.com/product.php?pid=eguestpro


OVERVIEW
========
EGuest PRO is an award-winning comprehensive guestbook system based on the 
popular guestbook system EGuest. New features including Admin Interfaces, 
Theme Support, Advanced Search with Highlight, Auto Web/Email Links, IP/Word 
Banning, Blank Line Protection, 250+ Smiley and much more. It excels any 
other guestbook scripts, allowing you to have a truly professional guestbook 
on your website


DETAILS
=======

1. Sql Injection

2. XSS

POC
===

1.
------
Sql Injecion:

Exemple
--------
1. Sql Injection:

/EGuest-PRO_show.php?display=[SQL]

2. XSS:

/EGuest-PRO_show.php?display=10&sort=>[XSS]

Exemple:

http://[host]/[path]/EGuest-PRO_show.php?display='

Credits
=======
This vulnerability was discovered and researched by
BiPi_HaCk, Advisory by Sub_Z3r0 of Nightmare TeAmZ,

Site: http://www.NightmareTeAmZ.altervista.org

_________________________________________________________________
Personalizza MSN Messenger con sfondi e fotografie! 
http://www.ilovemessenger.msn.it/