Magic News Plus 多个跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1112264 漏洞类型 跨站脚本
发布时间 2007-02-21 更新时间 2007-03-02
CVE编号 CVE-2007-1142 CNNVD-ID CNNVD-200703-064
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/29629
https://www.securityfocus.com/bid/81936
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200703-064
|漏洞详情
MagicNewsPlus1.0.2版本中存在跨站脚本攻击漏洞。远程攻击者可以借助(1)news.php和(2)n_layouts.php中的link_parameters参数,注入任意的web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/22661/info
  
Magic News Pro is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These issues include a remote file-include issue and two cross-site scripting vulnerabilities.
  
An attacker can exploit these issues to execute arbitrary PHP code in the context of the webserver process or to steal cookie-based authentication credentials. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
  
These issues affects version 1.0.2; other versions may also be vulnerable.

 http://www.example.com/n_layouts.php?link_parameters="><script>alert(document.cookie);</script>
|受影响的产品
Reamday Enterprises Magic News Plus 1.0.2
|参考资料

来源:BID
名称:22661
链接:http://www.securityfocus.com/bid/22661
来源:BUGTRAQ
名称:20070221MagicNewsPlusFileInclusionAndXssVulnerabilitis
链接:http://www.securityfocus.com/archive/1/archive/1/460902/100/0/threaded
来源:SREASON
名称:2334
链接:http://securityreason.com/securityalert/2334
来源:OSVDB
名称:33137
链接:http://osvdb.org/33137
来源:OSVDB
名称:33136
链接:http://osvdb.org/33136