Multiple XSS in MCG GuestBook

Summary

Vulnerability
Multiple XSS in MCG GuestBook
Discovered
2010.11.12
Last Update
n/a n/a
ID
EV0144
CVE
CVE-2010-4358
Risk Level
low
Type
Cross Site Scripting
Status
Unpatched. Vendor notified. No reply from developer(s)
Vendor
Mrcgiguy (http://www.mrcgiguy.com/)
Vulnerable Software
MCG GuestBook
Version
1.0
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

Cross Site Scripting found in MCG GuestBook script.

Multiple XSS in MCG GuestBook
All vulnerabilities found in gb.cgi script. It doesn't have proper XSS sanitation filters.

XSS vulnerable parameters:

  • name
  • email
  • website
  • message

All these parameters are not sanitized. This can be used to insert any html or script code. Admin panel is vulnerable also.

PoC/Exploit

XSS poc code
All form parameters dont pass any XSS sanitation filters.

XSS Examples.

Parameter "name": <script>alert('XSS Vuln')</script>

Parameter "email": "<script>alert('Vulnerable')</script>

Parameter "website": "<script>alert('Vulnerable')</script>

Parameter "message": <script>alert('XSS Vuln')</script>

Solution.

Solution for "Multiple XSS in MCG GuestBook" is not available. Check Mrcgiguy website for updates.