Omerta versions 2.7c and 2.8 suffer from a cross site scripting vulnerability.
ff5dd4bb57968581a9928cfa3e3581e0017ea2b2d72747f7abba68e6a099b0d0
original advisory at http://www.davidsopas.com/soapbox/omerta_xss.txt
XSS flaws in Omerta script (www.barafranca.com)
version tested: 2.7c and 2.8(newer version)
by David Sopas Ferreira
<smok3f00 at gmail.com>
<www.davidsopas.com>
Found and reported at : 5-05-2008PT
Full disclosure at : 12-05-2008PT
?!---------------------------------------------------------
XSS
----!?
On this online RPG, it's possible for a malicious user
use XSS (Cross Site Scripting) attacks to steal users cookies
and possibly their account.
The files affected by this are:
msg.php, unfiltred var=nick
view-topic.php, unfiltred var=page
donate.php, unfiltred var=nation
Attack example here:
msg.php?nick=ValidUser%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
forums/view-topic.php?id=3830&page=2%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
donate.php?nation=PT%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
?!---------------------------------------------------------
How to fix it
-------------!?
Edit the source code to ensure that input is properly sanitised.