XSS Vulnerability in Easy Forum
Summary
- Vulnerability
- XSS Vulnerability in Easy Forum
- Discovered
- 2006.02.21
- Last Update
- 2006.02.28 Exploitation code published
- ID
- EV0085
- CVE
- CVE-2006-0877
- Risk Level
- low
- Type
- Cross Site Scripting
- Status
- Patched
- Vendor
- n/a
- Vulnerable Software
- Easy Forum (http://hot-things.net/?q=eforum)
- Version
- 2.5
- PoC/Exploit
- Available
- Solution
- Available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Cross Site Scripting found in Easy Forum (http://hot-things.net/?q=eforum) script.
Vulnerable script: join.php
Variable $image isn't properly sanitized.
Arbitrary script code insertion is possible in image URL when registering new user.
PoC/Exploit
Cross-Site Scripting Example:
URL: http://[host]/eforum/join.php
Image file (URL): javascript:alert(123) sometext.gif
Solution.
Vendor-provided patch is available now.
http://hot-things.net/cs/section.php?sid=3