------------------------------------------------------ Nightmare TeAmZ Advisory 004 ------------------------------------------------------ Date - 11/2005 EGuest PRO AFFECTED PRODUCTS ================= EGuest PRO 4.0 Guestbook http://www.esoftpro.com/product.php?pid=eguestpro OVERVIEW ======== EGuest PRO is an award-winning comprehensive guestbook system based on the popular guestbook system EGuest. New features including Admin Interfaces, Theme Support, Advanced Search with Highlight, Auto Web/Email Links, IP/Word Banning, Blank Line Protection, 250+ Smiley and much more. It excels any other guestbook scripts, allowing you to have a truly professional guestbook on your website DETAILS ======= 1. Sql Injection 2. XSS POC === 1. ------ Sql Injecion: Exemple -------- 1. Sql Injection: /EGuest-PRO_show.php?display=[SQL] 2. XSS: /EGuest-PRO_show.php?display=10&sort=>[XSS] Exemple: http://[host]/[path]/EGuest-PRO_show.php?display=' Credits ======= This vulnerability was discovered and researched by BiPi_HaCk, Advisory by Sub_Z3r0 of Nightmare TeAmZ, Site: http://www.NightmareTeAmZ.altervista.org _________________________________________________________________ Personalizza MSN Messenger con sfondi e fotografie! http://www.ilovemessenger.msn.it/