PHP Booking Calendar / Bugs / #5 PHP Booking Calendar 10e XSS

#5 PHP Booking Calendar 10e XSS

Milestone: v1.0 (example)

Status: closed-fixed

Owner: Jeff Walters

Labels: None

Priority: 9

Updated: 2014-08-18

Created: 2012-01-03

Creator: Henri Salo

Private: No

Original advisory in bugtraq: http://seclists.org/bugtraq/2011/Dec/123

""""
# Exploit Title: PHP Booking Calendar 10e XSS
# Date: 12/16/11
# Author: G13
# Software Link: http://sourceforge.net/projects/bookingcalendar/
# Version: 10e
# Category: webapps (php)
#

##### Vulnerability #####

The page_info_message varibale in the details_view.php does not sanitize input. This is a relective XSS attack.

##### Exploit #####

http://127.0.0.1/cal/details_view.php?event_id=1&date=2011-12-01&view=month&loc=loc1&page_info_message=\[XSS]
"""

I have verified this vulnerability to be a valid report. Please fix this XSS-vulnerability and contact me in case you need more information or help with the patch.

http://en.wikipedia.org/wiki/Cross-site_scripting

Discussion

Henri Salo - 2012-01-03

priority: 5 --> 9

status: open --> open-accepted
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Henri Salo - 2012-01-03

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5045

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Jeff Walters - 2014-03-12

booking_calendar_10f.zip - htmlentities() added to header.php

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Jeff Walters - 2014-03-12

status: open-accepted --> closed-fixed

assigned_to: Jeff Walters

Group: --> v1.0 (example)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

PHP Booking Calendar 10e XSS

Calendar Application for Booking Conference Rooms

Group

Searches

Help

#5 PHP Booking Calendar 10e XSS

Discussion