Faq-O-Matic多个跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109640 漏洞类型 跨站脚本
发布时间 2006-01-16 更新时间 2006-05-02
CVE编号 CVE-2006-0251 CNNVD-ID CNNVD-200601-184
漏洞平台 CGI CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/27088
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-184
|漏洞详情
Faq-O-Matic2.711的fom.cgi中存在跨站脚本攻击(XSS)漏洞,可让远程攻击者通过(1)_duration、(2)file和(3)cmd参数注入任意Web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/16251/info

Faq-O-Matic is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

These issues may be related to those discussed in BID 4565 and BID 4023 (Faq-O-Matic Cross Site Scripting Vulnerability). 

http://www.example.com/fom.cgi?cmd=recent&file=1&showLastModified=show&_submit=Show+documents&_duration=[code]
http://www.example.com/fom.cgi?file=[code]&showLastModified=show
http://www.example.com/fom.cgi?_insert=answer&cmd=[code]&file=1
|参考资料

来源:BID
名称:16251
链接:http://www.securityfocus.com/bid/16251
来源:OSVDB
名称:22439
链接:http://www.osvdb.org/22439
来源:VUPEN
名称:ADV-2006-0189
链接:http://www.frsirt.com/english/advisories/2006/0189
来源:SECUNIA
名称:18468
链接:http://secunia.com/advisories/18468
来源:MISC
链接:http://osvdb.org/ref/22/22439-faqomatic.txt
来源:XF
名称:faqomatic-fom-xss(24165)
链接:http://xforce.iss.net/xforce/xfdb/24165