XAMPP Guestbook-EN.PL远程HTML注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1108656 漏洞类型 跨站脚本
发布时间 2005-04-12 更新时间 2010-01-29
CVE编号 CVE-2005-1077 CNNVD-ID CNNVD-200504-027
漏洞平台 Multiple CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/25391
https://www.securityfocus.com/bid/13127
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200504-027
|漏洞详情
XAMPP(Apache+MySQL+PHP+PERL)是一个功能强大的建站集成软件包。这个软件包原来的名字是LAMPP,但是为了避免误解,最新的几个版本就改名为XAMPP了。它可以在Windows、Linux、Solaris三种操作系统下安装使用,支持多语言:英文、简体中文、繁体中文、韩文、俄文、日文等。XAMPP是一个易于安装且包含MySQL、PHP和Perl的Apache发行版。XAMPP1.4.x存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可通过(1)cds.php,(2)Guestbook-EN.pl或(3)phonebook.php来注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/13127/info

XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, which may help the attacker steal cookie-based authentication credentials and launch other attacks. 

http://www.example.com/xampp/phonebook.php?lastname=Cru3l.b0y&firstname=&phone=
|受影响的产品
XAMPP XAMPP Windows 1.6.8 XAMPP XAMPP Windows 1.6.7 XAMPP XAMPP Linux 1.6.8 XAMPP XAMPP Linux 1.6.7 XAMPP Apache Distribution for Solaris 0.3 XAMPP Apache Distribution fo
|参考资料

来源:BID
名称:13128
链接:http://www.securityfocus.com/bid/13128
来源:BID
名称:13127
链接:http://www.securityfocus.com/bid/13127
来源:BID
名称:13126
链接:http://www.securityfocus.com/bid/13126
来源:FULLDISC
名称:20050412XAMPP
链接:http://marc.theaimsgroup.com/?l=full-disclosure&m=111330048629182&w=2