PHPGroupWare Index.PHP HTM注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1107663 漏洞类型 跨站脚本
发布时间 2004-01-27 更新时间 2007-07-20
CVE编号 CVE-2004-2574 CNNVD-ID CNNVD-200412-783
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/25044
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-783
|漏洞详情
phpGroupWare0.9.14.005及其更早版本的index.php存在跨站脚本攻击(XSS)漏洞。远程攻击者可以借助calendar.uicalendar.plannermenuaction中的data参数注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/12082/info

PhpGroupWare is reported to be susceptible to a HTML injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input.

The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user. 

http://[target]/[phpgroupware_directory]/index.php?menuaction=calendar.uicalendar.planner
POST DATA: date="><script>alert(document.cookie)</script>
|参考资料

来源:BID
名称:12082
链接:http://www.securityfocus.com/bid/12082
来源:savannah.gnu.org
链接:https://savannah.gnu.org/bugs/?func=detailitem&item_id=7478
来源:OSVDB
名称:7600
链接:http://www.osvdb.org/7600