WoltLab Burning Board Thread.PHP跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1108699 漏洞类型 跨站脚本
发布时间 2005-04-22 更新时间 2007-07-12
CVE编号 CVE-2005-1285 CNNVD-ID CNNVD-200504-083
漏洞平台 PHP CVSS评分 6.8
|漏洞来源
https://www.exploit-db.com/exploits/25503
https://www.securityfocus.com/bid/13325
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200504-083
|漏洞详情
BurningBoard是一款由PHP编写,MySQL后台支持的WEB论坛程序,可运行在Unix和Linux操作系统下,也可以运行在Microsoftwindows操作系统下。Powertech提供的第三方工具存在目录遍历漏洞,在用于增加iSeriesAS/400FTP服务器的安全性时,远程攻击者可以通过在一个GET请求中的".."序列访问任意文件,包括qsys.lib中的文件。
|漏洞EXP
source: http://www.securityfocus.com/bid/13325/info

WoltLab Burning Board is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. 

http://www.example.com/thread.php?threadid=[Topic_ID]&hilight=[XSS]
|受影响的产品
Woltlab Burning Board 2.3.1
|参考资料

来源:SECTRACK
名称:1013790
链接:http://securitytracker.com/id?1013790
来源:SECUNIA
名称:15058
链接:http://secunia.com/advisories/15058
来源:BID
名称:13325
链接:http://www.securityfocus.com/bid/13325
来源:BUGTRAQ
名称:20050422[SeProBugtraq]WBB-WoltLabBurningBoard<=2.3.1-XSS
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=111420516900814&w=2