AV Arcade BugFix – XSS Exploit

AV Arcade BugFix – XSS Exploit

Jan 06

The Problem:

EDITED::…
This was originally reported as link spam, but could easily be a lot worse.

When registering, the user name field is open to possible attack.
Code will be processed on the members page.
The code can be overflown to the homepage fairly easily.
XSS can be used.

I would now consider this as a serious exploit.
I would suggest fixing this bug A.S.A.P

The Fix:

  • Backup then open yoursite.com/register.php
  • Find:
    $info2 = htmlspecialchars($info);
  • Add below:
    $username = htmlspecialchars($username);
  • Backup then open yoursite.com/admin/manage_users.php
  • Find:
  • while($row = mysql_fetch_array($sql)){
  • Add below:
  • $username = htmlspecialchars($username);
  • Save and upload all files.
  • Search your members list for any user names shown as code and delete (You could also I.P. ban them).

    • This function could easily be expanded for further validation.

    - - - (Related Tags)

Posted by 3

3 comments

  1. Abe
    Posted on February 11, 2009

    This bug has been fixed in AV Arcades’ v4.0.2 update.

  2. buzzlnks
    Posted on August 23, 2009

    im glad it was fixed, but its too late now that i stopped using the script due to some major bugs, im not sure if i should start again, btw, when will you be releasing the update of your mods and template for the new version of the script?

  3. Abe
    Posted on August 26, 2009

    I will update my mods and make a few free skins when version 5 of AV Arcade is released.

    I think it will be soon as Andy has added a v5 section to the forum.

Leave a Reply

You must be logged in to post a comment.