Computer Security

Security Advisory: SparkleBlog Journal.php HTML Injection Vulnerability =>v2.1 (all versions vulnerable)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

  File Including In PBLang

  [SA17333] phpESP Unspecified Cross-Site Scripting and SQL Injection

  [SA17353] gCards "limit" SQL Injection Vulnerability

  [Full-disclosure] Multiple vulnerabilities within RockLiffe MailSite Express WebMail

From:sikikmail_(at)_gmail.com <sikikmail_(at)_gmail.com>
Date:26.10.2005
Subject:SparkleBlog Journal.php HTML Injection Vulnerability =>v2.1 (all versions vulnerable)

SparkleBlog is prone to HTMl injection attacks. It is possible for a malicious SparkleBlog user to inject hostile HTML script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of SparkleBlog.
SparkleBlog does not adequately filter HTMl tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by SparkleBlog
example:
put <script>alert('test')</script> in the "name:" tag in http://localhost/journal.php?id=1

SparkleBlog home page: http://www.creamed-coconut.org/
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru