标题: 研究生数学建模竞赛开始报名了!! [打印本页] 作者: 韩冰 时间: 2004-10-6 09:52 标题: 研究生数学建模竞赛开始报名了!! SummaryMySQLguest by "Allwebscripts is a guestbook script that uses MySQL to store messages".
0 v" b3 [8 |* D P' `6 k `( Z8 u, Y7 f! d4 V z6 j
Allwebscripts' MySQLguest is vulnerable to a source code injection vulnerability in the AWSguest.php page. The vulnerability occurs as fields in the AWSguest.php page do not adequately sanitize HTML, script or PHP code.& N8 G2 @3 T3 s+ r8 S% t" }
/ \+ B6 u$ z8 a- r2 _ DetailsIn the AWSguest.php page, any of the following fields can be used to inject arbitrary HTML, JavaScript or PHP: "Name", "Email", "Homepage" and "Comments".8 e# q3 q; E2 N, ]
2 j0 V8 n Y9 H" T2 q
Exploit:2 ] A5 ~) R' ~, I4 Q
E-mail: <?php echo <p>Hello World</p> j1 o8 l# i! K* ^0 T9 X+ e
Homepage: <script language=javascript>alert ("Messagebox")
# p M0 }6 z% Z8 y) T4 }# VComments: <IFRAME SRC=www.computerknights.org>
( w" _% m8 o& `* P* p8 b. _; F0 i; ?) }, O1 ]! R1 K Additional informationThe information has been provided by BliZZard.