标题: 研究生数学建模竞赛开始报名了!! [打印本页] 作者: 韩冰 时间: 2004-10-6 09:52 标题: 研究生数学建模竞赛开始报名了!! SummaryMySQLguest by "Allwebscripts is a guestbook script that uses MySQL to store messages".
) e% a) G: N" e4 E( h( B. H, B& n. h0 n; @( N7 o/ X) Z
Allwebscripts' MySQLguest is vulnerable to a source code injection vulnerability in the AWSguest.php page. The vulnerability occurs as fields in the AWSguest.php page do not adequately sanitize HTML, script or PHP code.
8 d W o- h4 o% [* r9 r3 P/ \& I1 v- i/ L4 p$ f DetailsIn the AWSguest.php page, any of the following fields can be used to inject arbitrary HTML, JavaScript or PHP: "Name", "Email", "Homepage" and "Comments".7 W- s% ?5 b, Y/ E, D
, d- T$ x8 K- Y5 x' L# m1 i. r
Exploit:$ w v' b! V$ V: O1 mE-mail: <?php echo <p>Hello World</p>
+ W7 {7 @, `& y1 k. O" YHomepage: <script language=javascript>alert ("Messagebox")
1 j6 P- j9 _) x8 j2 G5 w6 `9 [Comments: <IFRAME SRC=www.computerknights.org>
X: g( V) t/ T, k" v6 `1 a% c9 z
Additional informationThe information has been provided by BliZZard.