PHPNuke Header.PHP Pagetitle参数跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109740 漏洞类型 跨站脚本
发布时间 2006-02-13 更新时间 2006-02-14
CVE编号 CVE-2006-0676 CNNVD-ID CNNVD-200602-164
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/27208
https://cxsecurity.com/issue/WLB-2006020034
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200602-164
|漏洞详情
PHP-Nuke6.0到7.8的header.php中存在跨站脚本攻击(XSS)漏洞。远程攻击者可以借助pagetitle参数注入任意Web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/16608/info

PHPNuke is prone to a cross-site scripting vulnerability. 

This issue affects the 'header.php' script.

PHPNuke 7.8 and prior versions are reportedly vulnerable.

http://www.example.com/nuke78/?pagetitle=w00t></title></head><body>test
|参考资料

来源:MISC
链接:http://www.waraxe.us/advisory-44.html
来源:VUPEN
名称:ADV-2006-0542
链接:http://www.frsirt.com/english/advisories/2006/0542
来源:SECUNIA
名称:18820
链接:http://secunia.com/advisories/18820
来源:XF
名称:phpnuke-header-xss(24650)
链接:http://xforce.iss.net/xforce/xfdb/24650
来源:BID
名称:16608
链接:http://www.securityfocus.com/bid/16608
来源:BUGTRAQ
名称:20060214[waraxe-2006-SA#044]-XSSinphpNuke7.8andolderversions
链接:http://www.securityfocus.com/archive/1/archive/1/424956/100/0/threaded
来源:SREASON
名称:425
链接:http://securityreason.com/securityalert/425