Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
myhack58佚名MYHACK58:62201236086
HistoryDec 12, 2012 - 12:00 a.m.

yourphp cms-stored xss-vulnerability warning-the black bar safety net

2012-12-1200:00:00
佚名
www.myhack58.com
11
JSON

yourphp is based on thinkphp framework for the development of the open source cms, there is a storage-typexssvulnerability

In the demo of the cms when found this vulnerability, in order to have the power of persuasion, then using the official demo displayxssprocess,

In yourphp official http://demo5. yourphp. cn operates, the demo use yourphp version 2.1, but the latest release of the yourphp2. 2 also has this problem.

The problem is in the online message function.

http://demo5.yourphp.cn/index.php?m=Guestbook&a=index&id=1 9

Vulnerability to prove:

Submit an online message function, because the cms online leave a message after the submission requires the administrator to review only the foreground is displayed, so I willxsscode through a plurality of empty carriage returns to hide, so in the background review, the administrator slightly careless will review through, see below:

1, submit a message, in the message content by a plurality of empty row hiddenxsscode

!

2, in the background of the audit when it is easy to muddle through

Because it is a demo, the official didn’t change the backend password, so it can be displayed here back office operations, back office address:

http://demo5.yourphp.cn/admin.php

Username and password are both:yourphp

!

3, success

!

Repair solutions:

Filter

JSON