JAWS多个输入验证漏洞

JAWS多个输入验证漏洞

漏洞ID 1108025 漏洞类型 跨站脚本
发布时间 2004-07-06 更新时间 2005-10-20
图片[1]-JAWS多个输入验证漏洞-安全小百科CVE编号 CVE-2004-2444
图片[2]-JAWS多个输入验证漏洞-安全小百科CNNVD-ID CNNVD-200412-911
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/24257
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-911
|漏洞详情
Jaws0.3版本的index.php存在跨站脚本(XSS)漏洞。远程攻击者可以借助action参数注入任意web脚本或HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/10670/info
  
JAWS is reported prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application:
  
JAWS is prone to a cross-site scripting vulnerability.
  
This cross-site scripting issue can permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If a user follows the malicious link, the attacker-supplied code executes in the Web browser of the victim computer. This attack can allow for theft of cookie-based authentication credentials and other attacks.
  
JAWS is reported to be prone to a file disclosure vulnerability. The vulnerability presents itself because directory traversal sequences "../.." are not correctly sanitized from user-supplied data. It is reported that an attacker may disclose a target file by including a relative path including directory traversal sequences to the target file as a value for URI parameters passed to the a JAWS script.
  
An authentication bypass vulnerability is reported to affect the JAWS authentication system. It is reported that an authentication cookie is derived from a known value, a remote attacker may create a cookie and use this cookie to authenticate to the system.

http://www.example.com/jaws/index.php?gadget=[a valid gadget]&action=<b>bold letter</b>
http://www.example.com/jaws/index.php?gadget=[a valid gadget]&action=<script>alert('Colombia Rulx!!');</script>
|参考资料

来源:XF
名称:jaws-indexphp-xss(16621)
链接:http://xforce.iss.net/xforce/xfdb/16621
来源:BID
名称:10670
链接:http://www.securityfocus.com/bid/10670
来源:OSVDB
名称:7723
链接:http://www.osvdb.org/7723
来源:SECTRACK
名称:1010651
链接:http://securitytracker.com/id?1010651
来源:FULLDISC
名称:20040705MultiplesvulnerabilitiesinJAWS
链接:http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0226.html

相关推荐: Multiple Vendor XML DTD Parameter Entity SOAP Server Denial Of Service Vulnerability

Multiple Vendor XML DTD Parameter Entity SOAP Server Denial Of Service Vulnerability 漏洞ID 1099231 漏洞类型 Failure to Handle Exception…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享