From: Sp.IC (SpeedICNet_at_Hotmail.Com)
Date: Fri Oct 04 2002 - 12:28:10 CDT

    .:: phpLinkat XSS Security Bug.

    phpLinkat is a free web-based link indexing script written in PHP that
    runs on MySQL. The product is vulnerable to cross-site scripting, which
    would allow attackers to inject HTML and script code into its pages and
    have it execute in the client's browser as if it had been provided by
    the site.

    + Tested on:

        - phpLinkat 0.1.0

    + Exploit:

        - showcat.php?catid=<Script>JavaScript:alert('XSS Exploit');</Script>
        - addyoursite.php?catid=<Script>JavaScript:alert('XSS Exploit');</Script>

    + Solution:

        - Open showcat.php
        - Add this code to line 6:

            $catid = HTMLSpecialChars($catid);
            $catid = PREG_Replace("/[A-Z&.;:()~!#$%^''*\{\}\/]/i", "", $catid);

        - Open addyoursite.php
        - Add this code to line 6:

            $catid = HTMLSpecialChars($catid);
            $catid = PREG_Replace("/[A-Z&.;:()~!#$%^''*\{\}\/]/i", "", $catid);

    + Links:

       - http://www.DesClub.com
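
The fix above encodes catid and then strips letters and punctuation from it. As an added example (not part of the advisory and not phpLinkat code), the PHP below runs that filter next to an allow-list check that rejects anything other than a positive integer. It assumes catid is a numeric category id; the names advisory_filter, parse_catid and h are hypothetical.

```php
<?php
// Added example, not phpLinkat code. Assumes catid is a numeric category id.

// The advisory's filter: encode, then strip letters and the listed punctuation.
function advisory_filter(string $catid): string
{
    $catid = htmlspecialchars($catid);
    return preg_replace("/[A-Z&.;:()~!#$%^''*\{\}\/]/i", "", $catid);
}

// Allow-list alternative: accept only a positive decimal integer, else null.
function parse_catid($raw): ?int
{
    if (!is_string($raw)) {          // rejects arrays such as catid[]=1
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Encode for an HTML text or quoted-attribute context at the point of output.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Constructed sample inputs; the second is the test string from the advisory.
$samples = [
    '12',
    "<Script>JavaScript:alert('XSS Exploit');</Script>",
    '7 onmouseover=x',
    ['1'],
];

foreach ($samples as $raw) {
    $id = parse_catid($raw);
    printf("input: %s\n", is_string($raw) ? $raw : 'array');
    if (is_string($raw)) {
        // The strip filter silently rewrites bad input instead of refusing it.
        printf("  advisory filter -> \"%s\"\n", advisory_filter($raw));
    }
    printf("  allow-list      -> %s\n", $id === null ? 'rejected' : 'catid=' . h((string) $id));
}
```

Rejecting a malformed catid lets the page return an error instead of continuing with a rewritten value, and encoding at output with h() covers any other place the value is echoed.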