flysprayXSS.txt

flysprayXSS.txt: Posted Oct 27, 2005; Authored by Lostmon | Site lostmon.blogspot.com; Flyspray versions 0.9.7, 0.9.8, and 0.9.8-devel are susceptible to cross site scripting. Exploitation details included.; tags | exploit, xss; SHA-256 | 0bab5f01b7c758426334bbe468c48da3450971005b0015fe8140d3acfbc45c89; Download | Favorite | View

flysprayXSS.txt

####################################################
Flyspray "The bug killer" multiple variable Cross-Site Scripting
vendor url:https://flyspray.rocks.cc/
Vendor specific bug report: https://flyspray.rocks.cc/bts/task/703
Advisore:https://lostmon.blogspot.com/2005/10/
flyspray-bug-killer-multiple-variable.html
vendor notify:yes exploit available:yes
#####################################################

Flyspray is an uncomplicated, web-based bug tracking system for
assisting with software development.

Flyspray "The bug killer" contains a flaw that allows a remote
cross site scripting attack.This flaw exists because the application
does not validate multiple variables upon submission to index.php
script.This could allow a user to create a specially crafted URL that
would execute arbitrary code in a user's browser within the trust
relationship between the browser and the server,
leading to a loss of integrity.

##################
versions
##################

Flyspray 0.9.7
Flyspray 0.9.8
Flyspray 0.9.8 (devel)


##################
solution
##################

no solution was available at this time...

###################
TimeLine
###################

Discovered:20-10-2005
Vendor notify:24-10-2005
Vendor response:25-10-2005
Disclosure:26-10-2005


####################
Examples
####################

https://[victim]/index.php?PHPSESSID=270ca5a0f7c1e5b2fd4c
52b34cdfe546&tasks=&project=1&string=lala&type=&sev=&due=
&dev=&cat=&status=&perpage=20

variables PHPSESSID, task,string,type,serv,due,dev are
afected by XSS flaws.

https://[victim]/index.php?tasks=all%22%3E%3Cscript
%3Ealert%28%29%3C%2Fscript%3E&project=0

variable task afected.

https://[victim]/index.php?order=sev&project=1&tasks=&type=
&sev=&dev=&cat=&status=&due=&string=&perpage=20&pagenum=0&
sort=desc&order2=&sort2=desc

task,type,due,string,sort2, these variables are
afected by XSS flaws.

########################## €nd #############################

thnx to estrella to be my ligth
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: https://lostmon.blogspot.com/
--
La curiosidad es lo que hace mover la mente....

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

flysprayXSS.txt

flysprayXSS.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

flysprayXSS.txt

Share This

flysprayXSS.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems