Cyphor多个输入验证漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109119 漏洞类型 跨站脚本
发布时间 2005-10-08 更新时间 2006-01-19
CVE编号 CVE-2005-3237 CNNVD-ID CNNVD-200510-109
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/26339
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200510-109
|漏洞详情
Cyphor是一款可自定义的论坛系统,基于php4和MySQL。Cyphor0.19中存在跨站脚本攻击(XSS)漏洞。远程攻击者可以通过footer.php的t_login参数,注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/15047/info
  
Cyphor is prone to multiple cross-site scripting and SQL injection vulnerabilities.
  
Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data. Other attacks are also possible. 

http://www.example.com/[path]/include/footer.php?t_login=<script>alert(document.cookie)</script>
|参考资料

来源:XF
名称:cyphor-footer-xss(22550)
链接:http://xforce.iss.net/xforce/xfdb/22550
来源:BID
名称:15047
链接:http://www.securityfocus.com/bid/15047
来源:SECTRACK
名称:1015020
链接:http://securitytracker.com/id?1015020
来源:SECUNIA
名称:17104
链接:http://secunia.com/advisories/17104/
来源:BUGTRAQ
名称:20051008Cyphor0.19SQLInjection/Boardtakeover/crosssitescripting
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=112879353805769&w=2
来源:BUGTRAQ
名称:20051008Cyphor0.19SQLInjection/Boardtakeover/crosssitescripting
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=112879353805769&w=2
来源:OSVDB
名称:19946
链接:http://www.osvdb.org/19946
来源:SREASON
名称:70
链接:http://securityreason.com/securityalert/70