MyBB 'functions_post.php' Cross-Site Scripting Vulnerability

Vulnerability ID: 1193551
Vulnerability type: Cross-site scripting
Published: 2006-09-12
Updated: 2006-09-12
CVE ID: CVE-2006-4706
CNNVD ID: CNNVD-200609-165
Platform: N/A
CVSS score: 6.8
|Sources
https://www.securityfocus.com/bid/83644
https://cxsecurity.com/issue/WLB-2006090069
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200609-165
|Details
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (also known as MyBulletinBoard) 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag containing a javascript URI that uses SGML numeric character references and embedded whitespace, as demonstrated using "javascript".
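As an added defensive example (not code from the advisory or from MyBB, whose filter is PHP and is not shown on this page), the following Python contrasts the literal "javascript:" prefix check that this class of bug defeats with an allowlist check that first decodes numeric character references and strips embedded whitespace, so the scheme is judged as a browser would read it. The allowlist, helper names and sample URLs are this example's own assumptions.

```python
import html
import re
from urllib.parse import urlsplit

# Schemes a [url] tag may link to (allowlist assumed for this example).
ALLOWED_SCHEMES = {"http", "https", "ftp"}

def naive_blocks_javascript(url: str) -> bool:
    """Literal-prefix filter of the kind the advisory shows is bypassable:
    it rejects only text that starts with 'javascript:' as written."""
    return url.lower().startswith("javascript:")

def scheme_of(url: str) -> str:
    """Scheme a browser would act on, after undoing the two tricks in the
    description: SGML/HTML numeric character references (&#106;, &#x6A;,
    with or without ';') and whitespace/control characters in the scheme."""
    decoded = url
    for _ in range(3):  # bounded loop also unwraps double-encoded references
        again = html.unescape(decoded)
        if again == decoded:
            break
        decoded = again
    # Browsers drop tab/CR/LF anywhere and leading controls/spaces, so
    # "java<TAB>script:" is still javascript:. Remove all C0 controls + DEL.
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", decoded)
    return urlsplit(cleaned).scheme.lower()

def url_is_safe(url: str) -> bool:
    """Allowlist the normalized scheme instead of denylisting the word."""
    return scheme_of(url) in ALLOWED_SCHEMES

def render_url_tag(url: str, text: str) -> str:
    """Hardened [url] rendering: rejected URLs become escaped text, never an
    href; accepted ones are escaped again for the attribute context."""
    if not url_is_safe(url):
        return html.escape(url, quote=True)
    return f'<a href="{html.escape(url, quote=True)}">{html.escape(text)}</a>'

# Constructed inputs: a benign link, then the encodings this bug relied on.
SAMPLES = [
    "http://example.com/",
    "javascript:alert(1)",
    "jav&#97;script:alert(1)",       # numeric character reference
    "java&#9;script:alert(1)",       # encoded tab embedded in the scheme
    "&#38;#106;avascript:alert(1)",  # double-encoded reference
]

def compare(urls=SAMPLES) -> dict:
    """Map each URL to (blocked by naive filter, allowed by hardened check)."""
    return {u: (naive_blocks_javascript(u), url_is_safe(u)) for u in urls}
```

Running `compare()` shows the naive filter catching only the plainly written sample while the normalized allowlist rejects all four encoded forms and still accepts the http link.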
|Exploit
ORIGINAL ADVISORY:

http://myimei.com/security/2006-08-15/mybb-117-htmlspeacialchar_uni-fixjavascript-functions_postphp-urlxss-attack.html

http://kapda.ir/page-advisory.html

**************

-----Summary-----

Software: MyBB

Software's Web Site: http://www.mybboard.com

Versions: 1.1.7

Class: Remote

Status: Unpatched

Exploit: Available

Solution: Available

Discovered by: imei addmimistrator

Risk Level: low

-----Description-----

There is a security bug in MyBB 1.1.7 software (latest version, fully patched) file functions_post.php that allows an attacker to perform an XSS attack.

FOR MORE DETAIL VISIT ORIGINAL ADVISORY
|Affected products
MyBulletinBoard MyBulletinBoard 1.1.7
|References

Source: www.mybboard.com
Link: http://www.mybboard.com/archive.php?nid=18
Source: VUPEN
Name: ADV-2006-3418
Link: http://www.frsirt.com/english/advisories/2006/3418
Source: MISC
Link: http://myimei.com/security/2006-08-15/mybb-117-htmlspeacialchar_uni-fixjavascript-functions_postphp-urlxss-attack.html
Source: BUGTRAQ
Name: 20060830 [KAPDA] MyBB 1.1.7 ~ htmlspeacialchar_uni(), fixjavascript(), functions_post.php ~ [url] XSS attack
Link: http://www.securityfocus.com/archive/1/archive/1/444807/100/100/threaded
Source: SREASON
Name: 1541
Link: http://securityreason.com/securityalert/1541
Source: SECUNIA
Name: 21697
Link: http://secunia.com/advisories/21697