Cj-Design CJ Dynamic Poll PRO admin/admin_index.php跨站脚本攻击漏洞

漏洞ID	1118170	漏洞类型	跨站脚本
发布时间	2009-07-21	更新时间	2009-07-21
CVE编号	CVE-2009-3509	CNNVD-ID	CNNVD-200910-100
漏洞平台	PHP	CVSS评分	4.3

|漏洞来源

https://www.exploit-db.com/exploits/34749
https://www.securityfocus.com/bid/43498
https://cxsecurity.com/issue/WLB-2009100065
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200910-100

|漏洞详情

CJDynamicPollPRO2.0版本的admin/admin_index.php中存在跨站脚本攻击漏洞。远程攻击者可以借助PATH_INFO，注入任意的web脚本或HTML。

|漏洞EXP

source: www.securityfocus.com/bid/43498/info

CJ Dynamic Poll Pro is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

CJ Dynamic Poll Pro 2.0 is vulnerable; other versions may be affected. 

http://www.example.com/cjdynamicpollprov2/admin/admin_index.php/"><script>alert(document.cookie);</script>

|受影响的产品

CJ Website Design CJ Dynamic Poll Pro 2.0

|参考资料

来源:XF
名称:cjdynamic-adminindex-xss(51925)
链接:http://xforce.iss.net/xforce/xfdb/51925
来源:VUPEN
名称:ADV-2009-1983
链接:http://www.vupen.com/english/advisories/2009/1983
来源:OSVDB
名称:56181
链接:http://www.osvdb.org/56181
来源:SECUNIA
名称:35799
链接:http://secunia.com/advisories/35799
来源:MISC
链接:http://packetstormsecurity.org/0907-exploits/cjdynamicpoll-xss.txt