original advisory at http://www.davidsopas.com/soapbox/omerta_xss.txt
XSS flaws in Omerta script (www.barafranca.com) version tested: 2.7c and 2.8(newer version) by David Sopas Ferreira <smok3f00 at gmail.com> <www.davidsopas.com> Found and reported at : 5-05-2008PT Full disclosure at : 12-05-2008PT ?!--------------------------------------------------------- XSS ----!? On this online RPG, it's possible for a malicious user use XSS (Cross Site Scripting) attacks to steal users cookies and possibly their account. The files affected by this are: msg.php, unfiltred var=nick view-topic.php, unfiltred var=page donate.php, unfiltred var=nation Attack example here: msg.php?nick=ValidUser%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E forums/view-topic.php?id=3830&page=2%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E donate.php?nation=PT%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E ?!--------------------------------------------------------- How to fix it -------------!? Edit the source code to ensure that input is properly sanitised.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
