|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Sp.IC (SpeedICNet_at_Hotmail.Com)
Date: Thu Oct 03 2002 - 15:22:44 CDT
('binary' encoding is not supported, stored as-is)
phpLinkat is a free Web-Based link indexing script written in PHP and
runs on MySQL.This product is server is vulnerable to the Cross-Site
Scripting vulnerability would allow attackers to inject HTML and script
codes into the pages and execute it on the clients browser as if it were
provided by the site.
+ Tested on:
- phpLinkat 0.1.0
+ Exploit:
- showcat.php?catid=<Script>JavaScript:alert('XSS Exploit');</Script>
- addyoursite.php?catid=<Script>JavaScript:alert('XSS
Exploit');</Script>
+ Solution:
- Open showcat.php
- Add this code to line 22:
$catid = HTMLSpecialChars($catid);
$catid = PREG_Match("/^[0-9]/", $catid);
If (!$catid){
Print "Error";
}Else{
- Add this code to line 138:
}} //end if
- Open showcat.php
- Add this code to line 14:
$catid = HTMLSpecialChars($catid);
$catid = PREG_Match("/^[0-9]/", $catid);
If (!$catid){
Print "Error";
}Else{
- Add this code to line 105:
}}
+ Links:
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]