Elite Forum 1.0.0.0 XSS Vulnerability

2005-11-01 / 2005-11-02
Credit: Gladiator.KHF
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2005-3412
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

------------------------------------------------------ HYSA-2005-009 h4cky0u.org Advisory 009 ------------------------------------------------------ Date - Tue Nov 1 2005 TITLE: ====== Elite Forum 1.0.0.0 XSS Vulnerability SEVERITY: ========= Medium SOFTWARE: ========= Elite Forum 1.0.0.0 INFO: ===== Elite Forum is a fierce competitor entering the world of forum systems. Unlike many other choices, Elite Forum does not require the hassle of a MySQL database. Elite Forum is one of the best and is packed full of features, including the following: No MySQL database required, Very easy installation, Support for both user registration and guests, Private Messaging System, Forum can be locked so registration is required, User, forum and topic statistics, Fast and easy to use search system, Ability to view who is currently browsing the forum, Sticky Topics (Announcements), Full member list, Unlimited users, topics and posts, Member Profiles/Stats, Multiple page support (both topics and posts user definable), Selectable time offset, Ability to auto check for updates/patches, Clean and streamlined design, Smiley Support, BB Code and auto url support, Topic status icons, Member and Guest user levels, Members can edit or delete their posts, Secure accounts, Add or remove admins via administrator panel, Admins can edit/delete any post or topic. Support Website : www.all-interviews.com/firestorm/?act=eliteforum (Down at the time of Bug Discovery) BUG DESCRIPTION: ================ The system is vulnerable to Cross Site Scripting attacks. This issue is due to a failure of the application to properly sanitize user-supplied input. POC: ==== First find a forum running the Elite Forum package. Then click on a topic and then Post Reply. In the message box add any of the following codes. Here are some examples: <img src="javascript:void(window.location=('imagelink'))"> - Replace the imagelink with the link to the image you want to redirect the users viewing the topic containing this code. <img src="javascript:a=100;while(a>=0){alert(a);a--}"> <img src="javascript:a=1;while(a>0){alert("sup?")"> VENDOR STATUS: ============== The support site is down and no vendor contact could be found. FIX: ==== No fix available as of date. GOOGLEDORK: =========== "Powered by Elite Forum" CREDITS: ======== This vulnerability was discovered and researched by Gladiator.KHF (handle/username - gladiator) of h4cky0u Security Forums. mail : gleden123 at Yahoo dot Com web : http://www.h4cky0u.org ORIGINAL ADVISORY: ================== http://www.h4cky0u.org/advisories/HYSA-2005-009-elite-forum.txt -- http://www.h4cky0u.org (In)Security at its best...


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top