Referer XSS in E-Blah Platinum
Summary
- Vulnerability
- Referer XSS in E-Blah Platinum
- Discovered
- 2006.02.16
- Last Update
- 2006.02.22 CVE entry added
- ID
- EV0083
- CVE
- CVE-2006-0829
- Risk Level
- medium
- Type
- Cross Site Scripting
- Status
- Patched
- Vendor
- n/a
- Vulnerable Software
- E-Blah Platinum (http://www.eblah.com)
- Version
- 9.7
- PoC/Exploit
- Available
- Solution
- Available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Cross Site Scripting found in E-Blah Platinum (http://www.eblah.com) script.
Vulnerable script: Code/Routines.pl
Environment variable 'HTTP_REFERER' isn't properly sanitized. This can be used to post HTTP query with fake Referer value which may contain arbitrary html or script code. This code will be executed when administrator will open "Click Log".
Administrator's login and password are threatened.
PoC/Exploit
Example of HTTP Query:
GET /cgi-bin/Blah.pl HTTP/1.0
Host: [host]
Referer: [XSS]
Solution.
Vendor-provided patch is available here:
http://www.eblah.com/forum/m-1140116897/