Snitz Forums 2000
 Cross-Site Scripting question

Etymon
Advanced Member

United States
2385 Posts

Posted - 20 January 2008 :  10:49:40
Does anyone know about the Cross-Site Scripting portion of this report?

http://seclists.org/bugtraq/2008/Jan/0056.html (scroll down to about the middle of the report for the Cross-Site Scripting comments)

Thanks guys,

Etymon

Edited by - Etymon on 20 January 2008 10:49:51

phy1729
Average Member

USA
589 Posts

Posted - 20 January 2008 :  11:42:42
I think it just says you can download the db if you don't change the name, whereami.asp should be deleted, 422 in setup.asp 'strSender = Request.QueryString("MAIL")' should be sterilized, and don't use a previous version. Not sure how to code the fix to the XSS problem but probably use some form of ChkString.

Edited by - phy1729 on 20 January 2008 11:43:14

SiSL
Average Member

Turkey
671 Posts

Posted - 20 January 2008 :  15:31:53
Simply at Login.asp, you can just replace %3C and %3E with "" within very first line.

CHIP Online Forum


Shaggy
Support Moderator

Ireland
6780 Posts

Posted - 21 January 2008 :  04:53:11
Grr! Another jackass posting nonsense without researching the issue first:

- The readme already advises about changing the db name and not storing it in your forum's directory so that's a problem with the user, not the forums.

- The XSS problem they posted doesn't exist in login.asp but it is an issue in setup.asp

- The final "bug" they posted just proves that they know nothing about how Snitz works; the form in login.asp is processed by login.asp before the user is redirected to the target page meaning that the username & password is never passed to the target page.


Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
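
An added example, not part of the thread or of Snitz's own code: one way to handle the `MAIL` query-string value that phy1729 points to in setup.asp, by allowlist-validating it as an e-mail address and HTML-encoding it wherever it is written into the page. `SafeSender` and the form field it is written into are hypothetical, since the thread does not show how setup.asp uses `strSender`.

```vbscript
<%
' Added example (Classic ASP / VBScript). SafeSender is a hypothetical helper,
' not a Snitz function.

' Returns rawValue only if it looks like a plain e-mail address,
' otherwise returns an empty string. This is an allowlist: anything that
' is not letters, digits and the few punctuation marks valid in an
' address is rejected rather than stripped.
Function SafeSender(ByVal rawValue)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$"
    re.Global = False

    SafeSender = ""
    If Len(rawValue) > 0 And Len(rawValue) <= 254 Then
        If re.Test(rawValue) Then
            SafeSender = rawValue
        End If
    End If
    Set re = Nothing
End Function

Dim strSender

' Before (as quoted in the thread): the value is taken as supplied.
'   strSender = Request.QueryString("MAIL")

' After: validate on input.
strSender = SafeSender(Trim(Request.QueryString("MAIL")))

' Encode on output as well, so the value is rendered as text even if
' the validation rule is later loosened. The input element below is an
' assumed output context, chosen only to show the encoding step.
Response.Write "<input type=""text"" name=""Sender"" value=""" & _
               Server.HTMLEncode(strSender) & """>"
%>
```

`Server.HTMLEncode` covers HTML element and attribute contexts; a value written into a URL needs `Server.URLEncode` instead.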
Snitz Forums 2000 © 2000-2021 Snitz™ Communications
This page was generated in 0.21 seconds. Powered By: Snitz Forums 2000 Version 3.4.07