PHP-AGTC Membership System Adduser.PHP 跨站脚本攻击 (XSS) 漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1194795 漏洞类型 跨站脚本
发布时间 2006-05-31 更新时间 2006-05-31
CVE编号 CVE-2006-2687 CNNVD-ID CNNVD-200605-564
漏洞平台 N/A CVSS评分 4.9
|漏洞来源
https://cxsecurity.com/issue/WLB-2006060001
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200605-564
|漏洞详情
PHP-AGTCMembershipSystem1.1a及之前版本的adduser.php存在跨站脚本攻击(XSS)漏洞。远程攻击者可以借助email地址(useremail参数),注入任意Web脚本或HTML。
|漏洞EXP
PHP AGTC-Membership system <= v1.1a XSS

Discovered by: Nomenumbra

Date: 23/5/2006

impact:moderate (privilege escalation,possible defacement)

Ordinary users can add users to the user management system as well,

or change their own email address, which isn't properly sanitized, thus

allowing XSS as follows (for example):

<script>alert(document.cookie)</script>

Nomenumbra
|参考资料

来源:BID
名称:18127
链接:http://www.securityfocus.com/bid/18127
来源:BUGTRAQ
名称:20060523PHPAGTC-Membershipsystem<=v1.1aXSS
链接:http://www.securityfocus.com/archive/1/435134
来源:VUPEN
名称:ADV-2006-2020
链接:http://www.frsirt.com/english/advisories/2006/2020
来源:SECUNIA
名称:20305
链接:http://secunia.com/advisories/20305
来源:XF
名称:phpagtc-adduser-xss(26703)
链接:http://xforce.iss.net/xforce/xfdb/26703
来源:SREASON
名称:995
链接:http://securityreason.com/securityalert/995