Bugtraq mailing list archives

[ARL02-A12] PHP(Reactor) Cross Site Scripting Vulnerability
From: Ahmet Sabri ALPER <s_alper () hotmail com>
Date: 6 Jun 2002 14:09:44 -0000

+/--------\-------- ALPER Research Labs ------/--------/+
+/---------\-------  Security Advisory  -----/---------/+
+/----------\------    ID: ARL02-A12    ----/----------/+
+/-----------\----- salper () olympos org  ---/-----------/+

Advisory Information
Name               : php(Reactor) Cross Site Scripting Vulnerability
Software Package   : php(Reactor)
Vendor Homepage    : http://phpreactor.org/
Vulnerable Versions: v1.2.7 and older
Platforms          : OS Independent, PHP
Vulnerability Type : Input Validation Error
Vendor Contacted   : 15/05/2002
Vendor Replied     : 15/05/2002
Prior Problems     : N/A
Current Version    : v1.2.7pl1 (immune)

php(Reactor) is a set of integrated applications
focusing on user interaction. Included are articles,
content management, bbs/forums, polls, ecards, and
chat events. Administration is quick and easy with
a browser-based control panel.

A Cross Site Scripting vulnerability exists in
php(Reactor). This would allow a remote attacker
to send information to victims from untrusted web
servers, and make it look as if the information
came from the legitimate server.

The "browse.php" script, in the "comments" section, does not
filter user input for the $go variable. So any user may
craft a malicious link and gain information about
users, and may even obtain the login information of the

Here's the proof-of-concept link example:

Note that the $fid and $tid variables should be integers.
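As an added illustration, and not code from php(Reactor) or from this advisory, the PHP below sketches the pattern the advisory describes (a request parameter copied into page output without filtering) next to a hardened version that validates $fid and $tid as integers and encodes $go at the output boundary. Only the parameter names $go, $fid and $tid come from the advisory; the function names, the link markup and the constructed sample request are assumptions.

```php
<?php
// Added illustration, not php(Reactor)'s browse.php: the reflected-XSS pattern
// the advisory describes, beside a hardened version. Function names, markup and
// the sample request are assumptions; $go, $fid and $tid come from the advisory.

// Vulnerable pattern: the request parameter goes straight into HTML output.
function render_back_link_unsafe(array $get): string
{
    $go = $get['go'] ?? '';
    return '<a href="browse.php?go=' . $go . '">back</a>';
}

// Hardened version: validate what has a known shape, encode everything echoed.
function render_back_link_safe(array $get): string
{
    // The advisory notes that $fid and $tid should be integers, so enforce it;
    // FILTER_VALIDATE_INT returns false for anything that is not a whole number.
    $fid = filter_var($get['fid'] ?? '', FILTER_VALIDATE_INT);
    $tid = filter_var($get['tid'] ?? '', FILTER_VALIDATE_INT);
    if ($fid === false || $tid === false) {
        throw new InvalidArgumentException('fid and tid must be integers');
    }

    // $go is free text under the requester's control. It lands in two nested
    // contexts, a URL query value inside an HTML attribute, so encode for each
    // in turn: rawurlencode for the URL, then htmlspecialchars for the markup.
    // ENT_QUOTES also encodes ' and ", so a value can never close the attribute.
    $go = rawurlencode((string) ($get['go'] ?? ''));
    $go = htmlspecialchars($go, ENT_QUOTES | ENT_HTML5, 'UTF-8');

    return sprintf('<a href="browse.php?go=%s&amp;fid=%d&amp;tid=%d">back</a>',
                   $go, $fid, $tid);
}

// Constructed sample request: characters that matter inside an HTML attribute.
$sample = ['go' => 'x"<y>&z', 'fid' => '7', 'tid' => '42'];

echo render_back_link_unsafe($sample), PHP_EOL;
echo render_back_link_safe($sample), PHP_EOL;

// A non-integer $tid is rejected before any output is built.
try {
    render_back_link_safe(['go' => 'x', 'fid' => '7', 'tid' => '42abc']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Run with `php example.php`. The unsafe function emits the double quote from the sample raw, so the href attribute ends early and whatever follows is parsed as markup; the safe function emits it percent-encoded and HTML-encoded, so the browser sees only an attribute value. If $go is only ever one of a handful of route names, an allowlist check before the encoding is stronger still.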

The vendor replied quickly and released a new version
on 28/05/2002, which can be downloaded at

Discovered on 15 May 2002 by
Ahmet Sabri ALPER <salper () olympos org>
ALPER Research Labs.

Product Web Page: http://www.phpreactor.org/
