SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
IT News
Search
SecurityAlert Database
About SecurityAlert
ExploitAlert Database
SecurityReason Research
WLB
WLB Database
Send to WLB
About WLB
Services
Security Audit
Schedule
Prices of services
Contact
RSS
SecurityReason IT News
SecurityAlert
World Laboratory of Bugtraq
ExploitAlert
Apache
PHP
Corporate
Contact
About SecurityReason
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com
Home arrow SecurityAlert Database

Arrow  Topic :

G-Book 1.0 XSS And Other Vulnerabilities


Arrow  SecurityAlert : 634
Arrow  CVE : CVE-2006-1398
Arrow  SecurityRisk : Low  Security Risk Low  (About)
Arrow  Remote Exploit : Yes
Arrow  Local Exploit : No
Arrow  Exploit Available : Yes
Arrow  Credit : matrix_killer
Arrow  Published : 28.03.2006

Arrow  Affected Software : G-Book 1.0



Arrow  Advisory Content :  

------------------------------------------------------
HYSA-2006-006 h4cky0u.org Advisory 015
------------------------------------------------------
Date - Mon March 27 2006

TITLE:
======

G-Book 1.0 XSS, Possible authentication bypass & mass message flood

SEVERITY:
=========

High

SOFTWARE:
=========

G-Book 1.0

Support Website - http://www.6al.net/six/

INFO:
=====

G-book is extremely simple to customize and publish. There is no need for a
MySQL Database. The script incorporates features

such as administration panel, MESSAGE APPROVAL, smilies, divided posts by
pages etc. Its graphics can be altered effortlessly

through the CSS file. In addition, G-book supports multiple languages.

DESCRIPTION:
============

G-Book 1.0 is vulnerable to a XSS attack and you can also get admin access
to the guestbook if the user hasn't deleted his

cookie.

--==XSS==--

In the message board post a message with something like this:

<script>alert();</script>

Another bug in G-Book is that a user can post as many messages as he wants
to.

FIX:
====

htmlspecialchars + a logout button which will destroy the cookies and post
cotrol.

VENDOR RESPONSE:
================

Bug will be fixed in the next version.

CREDITS:
========

- This vulnerability was discovered and researched by matrix_killer of
h4cky0u Security Forums -

mail : matrix_k at abv.bg

web : http://www.h4cky0u.org

- Co-Researcher -

h4cky0u of h4cky0u Security Forums.

mail : h4cky0u at gmail.com

web : http://www.h4cky0u.org

Greets to all omega-team members + krassswr,EcLiPsE and all who support us
!!!

ORIGINAL ADVISORY:
==================

http://www.h4cky0u.org/advisories/HYSA-2006-006-g-book.txt




Arrow  Feedback :

If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
Alert

libc/fnmatch(3) DoS

Security Risk Medium- 2011-05-13

Allow attacker to denial of service apache 2.2.17 server
Apache RSS Apache Alert

» Apache HTTP Server Denial
   of Service Vulnerability

» Multiple Vendors
   libc/fnmatch(3) DoS (incl
   apache poc)

» Apache Continuum
   cross-site scripting
   vulnerability

» Apache Tomcat DoS
   Vulnerability
PHP RSS PHP Alert

» PHP Hashtables Denial of
   Service

» PHP 5.3.6 multiple null
   pointer dereference

» PHP 5.3.6 ZipArchive
   invalid use glob(3)

» libzip 0.9.3
   _zip_name_locate NULL
   Pointer Dereference (incl
   PHP 5.3.5)
ADT

Protect your family and valuables with Home Security Systems
Copyright © SecurityReason.com. All Rights Reserved.