phpGreetCards 3.7 - Cross-Site Scripting

EDB-ID:

12345

Author:

Valentin

Type:

webapps

Platform:

PHP

Published:

2010-04-22

[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
>> General Information 
Advisory/Exploit Title = phpGreetCards XSS Vulnerabilities
Author = Valentin Hoebel
Contact = valentin@xenuser.org

 
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
>> Product information
Name = phpGreetCards
Vendor = W2B
Vendor Website = http://www.w2bpm.com/
Affected Version(s) = 3.7


[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
>> #1 Vulnerability
Multiple XSS possibilities on multiple parameters, e.g. when creating an ecard:

index.php?mode=select&category=XX&card[image]=XX&card[sender_name]=~XSS~&card[sender_email]=XX&card[recip_name]=~XSS~&card[recip_email]=XX&card[stamp]=XX&card[bg]=%23B8C2C9&card[font_color]=%23A2ABB1&card[category]=XX&PHPSESSID=XX


[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
>> Additional Information
Advisory/Exploit Published = 22.04.2010


[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
>> Misc
Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!


[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]