Security update

hackernr6
Posts: 1
Joined: Wed May 05, 2010 2:05 pm

Security update

Post by hackernr6 »

This website is prone to XSS.

for example, if you create an account and go to the box for personal information. and you type there the following

</textarea> <input type="button" value="clickme" onclick="javascript:alert('you clicked me');"/><textarea cols="60" rows="4" name="info">
It will add an extra button with javascript code behind it. This means that basically anyone can just create their own forms by using that field and can make them submit things that address the php code on the server side.

So basically what I'm saying is... you can get logins, usernames, passwords, email addresses, all that good stuff by simply writing your own form that runs on the client side, but speaks directly to the server side.
tails
Posts: 90
Joined: Thu Oct 23, 2008 12:10 pm

Re: Security update

Post by tails »

Thank you very much for the report!
We regard that as a serious matter, and will fix it as soon as possible.

EDIT:
We have fixed the page you reported and some others.
Please let us know if you find any other problematic pages.
Thanks!
adum
Site Admin
Posts: 422
Joined: Tue Sep 30, 2008 5:09 pm

Re: Security update

Post by adum »

Hi there, I appreciate you looking for XSS vulnerabilities. Thanks!

However, in this case it's not a security problem: the only person you can attack is yourself. An XSS vulnerability only exists where the data one person can enter is visible to another. In this case, I believe I already filter the personal data when others look at it. If you can find a place where I don't, I'd love to see it, but the one you mentioned (and the others you changed, tails) were not problematic.
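A small Python illustration of the fix adum describes, escaping the stored profile text wherever it is rendered, so the textarea breakout from the first post stays inert in both the owner's edit form and other users' view. This is added example code, not the site's own PHP; the breakout string is the one posted above, while the two render functions, their markup and the tag check are assumptions.

```python
import html
import re

# Constructed sample: the textarea-breakout string from the first post.
BREAKOUT = ('</textarea> <input type="button" value="clickme" '
            'onclick="javascript:alert(\'you clicked me\');"/>'
            '<textarea cols="60" rows="4" name="info">')

# Hypothetical template for the owner's edit page.
def render_edit_form(info: str) -> str:
    # html.escape turns < > & " ' into entities, so a stored '</textarea>'
    # can no longer close the element early and start new markup.
    return ('<textarea cols="60" rows="4" name="info">'
            + html.escape(info, quote=True)
            + '</textarea>')

# Hypothetical template for what other users see (a different HTML context,
# but the same rule: escape at output time).
def render_profile_view(info: str) -> str:
    return '<p class="info">' + html.escape(info, quote=True) + '</p>'

# The vulnerable pattern, kept only for comparison: raw interpolation.
def unescaped_render(info: str) -> str:
    return '<textarea cols="60" rows="4" name="info">' + info + '</textarea>'

# Names of every tag the rendered page actually contains (opening or closing).
TAG_RE = re.compile(r'<\s*/?\s*([a-zA-Z][a-zA-Z0-9]*)')

def unexpected_tags(page: str, allowed: frozenset) -> list:
    # Tag names present in the output that the template did not intend.
    # A non-empty list means user text broke out of its slot.
    found = {m.group(1).lower() for m in TAG_RE.finditer(page)}
    return sorted(found - allowed)

def textarea_intact(page: str) -> bool:
    # The template opens and closes exactly one textarea; any extra copy
    # came from user data.
    return page.count('<textarea') == 1 and page.count('</textarea>') == 1
```

Running the three renderers over BREAKOUT shows the raw version gaining an extra `input` tag and a second textarea, while both escaped versions contain only the template's own tags.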
tails
Posts: 90
Joined: Thu Oct 23, 2008 12:10 pm

Re: Security update

Post by tails »

Hmm, I think someone could steal your password if you followed a link in which a script was embedded.

Oh, I think I've found another security problem... I'll send you an e-mail later, Adum.