Injader 剖面编辑功能 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117041 漏洞类型 跨站脚本
发布时间 2008-12-15 更新时间 2009-01-12
CVE编号 CVE-2008-5891 CNNVD-ID CNNVD-200901-111
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/32663
https://www.securityfocus.com/bid/80800
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200901-111
|漏洞详情
Injader是一个灵活性强,易于使用的内容管理系统。Injader2.1.2之前的版本中的剖面编辑功能存在跨站脚本攻击漏洞。远程攻击者可以借助未明向量,注入任意的web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/32843/info

Injader is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input.

An attacker may leverage the HTML-injection issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is viewed, and launch other attacks.

The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to Injader 2.1.2 are vulnerable. 

http://www.example.com/upload/feeds.php?name=articles&id=<SQL>
|受影响的产品
Injader Injader 2.1.1 Injader Injader 2.1.0 Injader Injader 2.0.3 Injader Injader 2.0.2 Injader Injader 1.6.1
|参考资料

来源:BID
名称:32843
链接:http://www.securityfocus.com/bid/32843
来源:sourceforge.net
链接:http://sourceforge.net/project/shownotes.php?release_id=646897
来源:SECUNIA
名称:33161
链接:http://secunia.com/advisories/33161