XSS and User Data Corruption in PHP Event Calendar
Summary
- Vulnerability
- XSS and User Data Corruption in PHP Event Calendar
- Discovered
- 2006.02.06
- Last Update
- 2006.02.16 Exploitation code published
- ID
- EV0063
- CVE
- CVE-2006-0657
- Risk Level
- low
- Type
- Cross Site Scripting
- Status
- Unpatched. No reply from developer(s)
- Vendor
- Softcomplex (http://www.softcomplex.com/)
- Vulnerable Software
- PHP Event Calendar (http://www.softcomplex.com/products/php_event_calendar/)
- Version
- 1.5
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Cross Site Scripting found in PHP Event Calendar (http://www.softcomplex.com/products/php_event_calendar/) script.
Registered user has an ability to change his Username and Password.
Username and Password isn't sanitized before being written to users.php file. This can be used to make XSS attack or corrupt users data.
PoC/Exploit
1. Cross-Site Scripting Example.
Changing password.
Username: <XSS>
Password: userpassword
2. Password file corruption.
Changing password.
Username: any
Password: ?><?
Solution.
Solution for "XSS and User Data Corruption in PHP Event Calendar" is not available. Check Softcomplex website for updates.