My Little Homepage产品 BBCode 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109679 漏洞类型 跨站脚本
发布时间 2006-01-26 更新时间 2006-01-31
CVE编号 CVE-2006-0473 CNNVD-ID CNNVD-200601-388
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/27139
https://cxsecurity.com/issue/WLB-2006010065
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-388
|漏洞详情
mylittlehomepagemylittleweblog的weblog.php中的bbcode函数存在跨站脚本攻击(XSS)漏洞(上次修改时间为2004年4月),远程攻击者可以通过BBcode链接标记中的javascriptURI注入任意javascript。
|漏洞EXP
source: http://www.securityfocus.com/bid/16395/info

My Little Homepage Web log, guestbook, and forum are prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. Other attacks are also possible. 

BBCode example have been provided:

[link=javascript:alert(123)]Link[/link]
[link]javascript:alert(123)[/link]
|参考资料

来源:XF
名称:mylittlehomepage-link-tag-xss(24310)
链接:http://xforce.iss.net/xforce/xfdb/24310
来源:BID
名称:16395
链接:http://www.securityfocus.com/bid/16395
来源:BUGTRAQ
名称:20060126[eVuln]"mylittlehomepage"products[link]BBCodeXSSVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/423167/100/0/threaded
来源:VUPEN
名称:ADV-2006-0349
链接:http://www.frsirt.com/english/advisories/2006/0349
来源:SECUNIA
名称:18628
链接:http://secunia.com/advisories/18628
来源:MISC
链接:http://evuln.com/vulns/51/summary.html
来源:OSVDB
名称:22753
链接:http://www.osvdb.org/22753
来源:SREASON
名称:378
链接:http://securityreason.com/securityalert/378
来源:MISC
链接:http://evuln.com/vulns/51/
来源:VIM
名称:20060130MyLittleHomepage-sourceverifyofdifferentproducts
链接:http://attrition.org/pipermail/vim/2006-January/000520.html