eNdonesia Search Form Cross-Site Scripting Vulnerability

Vulnerability ID: 1108105
Vulnerability type: Cross-site scripting
Published: 2004-08-04
Updated: 2007-01-05
CVE ID: CVE-2004-2670
CNNVD-ID: CNNVD-200412-1036
Platform: PHP
CVSS score: 6.8
|Vulnerability source
https://www.exploit-db.com/exploits/24348
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-1036
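|Vulnerability details
Multiple cross-site scripting (XSS) vulnerabilities exist in mod.php in eNdonesia 8.3. A remote attacker can inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation of the publisher module.
|Exploit (EXP)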
source: http://www.securityfocus.com/bid/10856/info

It is reported that eNdonesia is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated web content.

As a result of this vulnerability, a remote attacker can create a malicious link containing script code that will be executed in the browser of a legitimate user. Specifically, the attacker can pass malicious HTML code as a value for the affected URI parameter supplied to 'mod.php'. All code will be executed within the context of the website running the vulnerable software.

This may allow for theft of cookie-based authentication credentials and other attacks. 

Version 8.3 of the software is reported vulnerable. Other versions may also be affected.

http://www.example.com/mod.php?mod=publisher&op=search&query=%3Cscript%3Ealert(document.cookie)%3C/script%3E
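
A log check for the two injection points this entry names (the `mod` parameter with `op=viewcat`, and the `query` parameter with `mod=publisher&op=search`), as an added example that is not part of the original advisory or of eNdonesia. The Apache combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
MARKUP_RE = re.compile(r'[<>"\']')  # characters that let a reflected value become markup

# Constructed sample access-log lines (the first request is the URL quoted in the advisory).
SAMPLE_LOG = [
    '198.51.100.7 - - [04/Aug/2004:10:00:00 +0000] "GET /mod.php?mod=publisher&op=search'
    '&query=%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 5120',
    '198.51.100.8 - - [04/Aug/2004:10:00:05 +0000] "GET /mod.php?mod=publisher&op=search'
    '&query=berita+terbaru HTTP/1.1" 200 4312',
    '198.51.100.9 - - [04/Aug/2004:10:00:09 +0000] "GET /mod.php?mod=%253Cb%253Etest'
    '&op=viewcat HTTP/1.1" 200 3900',
    '198.51.100.9 - - [04/Aug/2004:10:00:12 +0000] "GET /index.php?query=%3Cb%3E HTTP/1.1" 200 900',
]

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (bounded) so double-encoded markup is seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def affected_param(params):
    """Map a mod.php request to the parameter the advisory says is reflected."""
    op = params.get("op", [""])[-1].lower()
    mod = params.get("mod", [""])[-1].lower()
    if op == "search" and mod == "publisher":
        return "query"
    return "mod" if op == "viewcat" else None

def scan_line(line):
    """Return (parameter, decoded value) if the line carries markup in an affected parameter."""
    m = REQUEST_RE.search(line)
    url = urlsplit(m.group(1)) if m else None
    if url is None or not url.path.lower().endswith("/mod.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)
    name = affected_param(params)
    for value in params.get(name, []) if name else []:
        decoded = fully_decode(value)
        if MARKUP_RE.search(decoded):
            return (name, decoded)
    return None

def scan_log(lines):
    return [hit for hit in map(scan_line, lines) if hit]
```

The same character test, applied on output with HTML encoding instead of on logs, is the fix for the reflected parameters.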
|References

Source: XF
Name: endonesia-mod-xss(13041)
Link: http://xforce.iss.net/xforce/xfdb/13041
Source: BID
Name: 8506
Link: http://www.securityfocus.com/bid/8506
Source: BID
Name: 10856
Link: http://www.securityfocus.com/bid/10856
Source: BUGTRAQ
Name: 20040804 Multiple vulnerabilities in eNdonesia CMS
Link: http://www.securityfocus.com/archive/1/370855
Source: SECTRACK
Name: 1010864
Link: http://securitytracker.com/id?1010864
Source: SECUNIA
Name: 12231
Link: http://secunia.com/advisories/12231
Source: echo.or.id
Link: http://echo.or.id/adv/adv02-y3dips-2004.txt