SunShop Shopping Cart跨站脚本执行漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106671 漏洞类型 未知
发布时间 2002-04-13 更新时间 2007-01-02
CVE编号 CVE-2002-0553 CNNVD-ID CNNVD-200207-059
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/21377
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200207-059
|漏洞详情
SunShop是一款商业WEB电子购物程序,使用PHP脚本实现并可以运行在Unix和Linux操作系统下,也可以运行在MicrosoftWindows操作系统下。SunShop对用户输入没有进行正确的检查,可导致攻击者插入任意脚本进行跨站脚本执行攻击。当远程攻击者注册一个新用户时,由于程序对名字字段内容没有进行充分的检查,可导致攻击者在此字段中插入任意Javascript代码,当管理员查看客户列表的时候,脚本代码在管理员WEB浏览器上执行,可导致管理员基于Cookie认证的信息泄露。
|漏洞EXP
source: http://www.securityfocus.com/bid/4506/info

SunShop is commercial web store software. It is written in PHP, and will run on most Unix and Linux operating systems as well as Microsoft Windows.

SunShop allows attackers to embed arbitrary script code into form fields. This may enable a remote attacker to perform actions as the administrative user of the shopping cart. 

Enter the following name when registering as a new customer:

blackhat<script>alert('ouch')</script>
|参考资料

来源:XF
名称:sunshop-new-cust-css(8840)
链接:http://www.iss.net/security_center/static/8840.php
来源:BID
名称:4506
链接:http://www.securityfocus.com/bid/4506
来源:BUGTRAQ
名称:20020413SunSop:cross-site-scriptingbug
链接:http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.html