The Rat CMS 'viewarticle.php和viewarticle2.php'多个跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1115556 漏洞类型 跨站脚本
发布时间 2008-06-26 更新时间 2008-11-19
CVE编号 CVE-2008-5164 CNNVD-ID CNNVD-200811-323
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/31976
https://www.securityfocus.com/bid/80821
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200811-323
|漏洞详情
RatCMSPre-Alpha2版本的多个跨站脚本攻击漏洞允许远程攻击者通过(1)对(a)viewarticle.php和(b)viewarticle2.php的id参数以及(2)对viewarticle.php的PATH_INFO来to注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/29959/info
 
The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data.
 
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
 
The Rat CMS Pre-Alpha 2 is vulnerable; other versions may also be affected.

http://www.example.com/[trcms_path]/viewarticle2.php?id=<XSS>
|受影响的产品
Theratstudios The Rat Cms 2 Pre Alpha
|参考资料

来源:XF
名称:theratcms-viewarticle-xss(43378)
链接:http://xforce.iss.net/xforce/xfdb/43378
来源:BID
名称:29959
链接:http://www.securityfocus.com/bid/29959
来源:BUGTRAQ
名称:20080626TheRatCMS(SQL/XSS)MultipleRemoteVulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/493684/100/0/threaded
来源:SREASON
名称:4612
链接:http://securityreason.com/securityalert/4612