YABB SE多个输入验证漏洞

YABB SE多个输入验证漏洞

漏洞ID 1107760 漏洞类型 输入验证
发布时间 2004-03-01 更新时间 2005-10-20
图片[1]-YABB SE多个输入验证漏洞-安全小百科CVE编号 CVE-2004-0344
图片[2]-YABB SE多个输入验证漏洞-安全小百科CNNVD-ID CNNVD-200411-080
漏洞平台 PHP CVSS评分 6.4
|漏洞来源
https://www.exploit-db.com/exploits/23774
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200411-080
|漏洞详情
YABBSE是一款基于PHP/MySQL的论坛程序。YABBSE由于不正确的输入验证,远程攻击者可以利用这些漏洞进行SQL注入和目录遍历攻击。SQL注入漏洞存在于ModifyMessage函数中,由于对$msg参数没有进行任何输入检查,因此可造成SQL注入攻击。造成敏感信息泄露和数据库信息删除。目录遍历攻击是由于ModifyMessage函数没有对用户提交给$attachOld参数包含”../”字符的数据缺少过滤,攻击者可能以WEB进程权限查看系统任意文件内容。
|漏洞EXP
source: http://www.securityfocus.com/bid/9774/info

It has been reported that YaBB SE may be prone to multiple vulnerabilities due to improper input validation. The issues may allow an attacker to carry out SQL injection and directory traversal attacks. Successful exploitation of these issues may allow an attacker to gain access to sensitive information that may be used to mount further attacks against a vulnerable system. The SQL injection vulnerabilities can be exploited to gain access to user authentication credentials and corrupt user information in the underlying database.

YaBB SE versions 1.5.4, 1.5.5, and 1.5.5b are reported to be affected by these issues, however it is possible that other versions are vulnerable as well.

http://www.example.com/forum/index.php?board=1;action=modify2;msg=2;threadid=2;start=0;sesc=aae1f7d45d5e54c853e9e2314fb982a1;subject=hola;message=hola;waction=deletemodify;posti
d=1+or+1=1+ORDER+BY+ID_MSG+DESC/*
|参考资料

来源:BID
名称:9774
链接:http://www.securityfocus.com/bid/9774
来源:BUGTRAQ
名称:20040301YabbSE(3on1)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=107816202813083&w;=2

相关推荐: Microsoft Windows NTFS File Hiding Vulnerability

Microsoft Windows NTFS File Hiding Vulnerability 漏洞ID 1102495 漏洞类型 Design Error 发布时间 2002-01-29 更新时间 2002-01-29 CVE编号 N/A CNNVD-ID…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享