ViArt Shop 'manuals_search.php'跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117150 漏洞类型 跨站脚本
发布时间 2008-12-29 更新时间 2009-04-28
CVE编号 CVE-2008-6757 CNNVD-ID CNNVD-200904-505
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/32685
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200904-505
|漏洞详情
ViArtShop(又称ShoppingCart)3.5版本中的manuals_search.php存在跨站脚本攻击漏洞。远程攻击者可以借助手动搜索参数,注入任意的web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/33043/info


ViArt Shop is prone to multiple remote vulnerabilities:

- Multiple cross-site scripting vulnerabilities
- An information-disclosure vulnerability
- An authentication-bypass vulnerability

An attacker can exploit these issues to execute arbitrary script code, steal cookie-based authentication credentials, obtain sensitive information, or gain unauthorized access to the affected application.

ViArt Shop 3.5 is vulnerable; other versions may also be affected.

http://www.example.com/manuals_search.php?manuals_search=<html><script>window.location="http://www.example2.com";</script></html>
|参考资料

来源:SECTRACK
名称:1021497
链接:http://www.securitytracker.com/id?1021497
来源:BID
名称:33043
链接:http://www.securityfocus.com/bid/33043
来源:BUGTRAQ
名称:20081229ViArtShoppingCartv3.5MultipleRemoteVulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/499625/100/0/threaded
来源:OSVDB
名称:53284
链接:http://www.osvdb.org/53284
来源:SECUNIA
名称:33340
链接:http://secunia.com/advisories/33340