CVE-2004-1655
CVSS4.3
发布时间 :2004-09-01 00:00:00
修订时间 :2016-10-17 22:58:31
NMCOES    

[原文]Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) CM_pid parameter in the comments module or (2) the subject or message fields in the notes module.


[CNNVD]PHPWebSite多个输入验证漏洞(CNNVD-200409-005)

        phpWebsite 0.9.3-4及其早期版本存在跨站脚本(XSS)漏洞。远程攻击者借助(1)comments模块的CM_pid参数或者(2)notes模块的主体或者信息字段注入任意web脚本或者HTML。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:phpwebsite:phpwebsite:0.9.3
cpe:/a:phpwebsite:phpwebsite:0.8.3
cpe:/a:phpwebsite:phpwebsite:0.7.3
cpe:/a:phpwebsite:phpwebsite:0.8.2
cpe:/a:phpwebsite:phpwebsite:0.9.3.4

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1655
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1655
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200409-005
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=109413493005513&w=2
(UNKNOWN)  BUGTRAQ  20040901 Multiple Vulnerabilities In phpWebsite
http://securitytracker.com/id?1011120
(UNKNOWN)  SECTRACK  1011120
http://www.gulftech.org/?node=research&article_id=00048-08312004
(VENDOR_ADVISORY)  MISC  http://www.gulftech.org/?node=research&article_id=00048-08312004
http://www.phpwebsite.appstate.edu/index.php?module=announce&ANN_user_op=view&ANN_id=822
(VENDOR_ADVISORY)  CONFIRM  http://www.phpwebsite.appstate.edu/index.php?module=announce&ANN_user_op=view&ANN_id=822
http://www.securityfocus.com/bid/11088
(VENDOR_ADVISORY)  BID  11088
http://xforce.iss.net/xforce/xfdb/17202
(VENDOR_ADVISORY)  XF  phpwebsite-comments-module-xss(17202)
http://xforce.iss.net/xforce/xfdb/17203
(UNKNOWN)  XF  phpwebsite-notes-script-injection(17203)

- 漏洞信息

PHPWebSite多个输入验证漏洞
中危 跨站脚本
2004-09-01 00:00:00 2005-10-20 00:00:00
远程  
        phpWebsite 0.9.3-4及其早期版本存在跨站脚本(XSS)漏洞。远程攻击者借助(1)comments模块的CM_pid参数或者(2)notes模块的主体或者信息字段注入任意web脚本或者HTML。

- 公告与补丁

        The vendor has released an update to address these vulnerabilities:
        phpWebsite phpWebsite 0.7.3
        
        phpWebsite phpWebsite 0.8.2
        
        phpWebsite phpWebsite 0.8.3
        
        phpWebsite phpWebsite 0.9.3 -4
        
        phpWebsite phpWebsite 0.9.3
        

- 漏洞信息 (24425)

phpWebsite 0.7.3/0.8.x/0.9.x Comment Module CM_pid XSS (EDBID:24425)
php webapps
2004-09-01 Verified
0 GulfTech Security
N/A [点击下载]
source: http://www.securityfocus.com/bid/11088/info

It is reported that phpWebSite is susceptible to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities.

The cross-site scripting issue is present in a parameter of the comments module script. An attacker can exploit these issues by creating a malicious link to the vulnerable module containing HTML and script code and send this link to a vulnerable user. When the user follows the link, the attacker-supplied code renders in the user's browser.

An SQL injection issue exists in the application as well. This issue affects a parameter of the calendar module script. This issue may be exploited to cause sensitive information to be disclosed to a remote attacker.

Finally, a HTML Injection vulnerability is reported to affect the application. The problem is said to occur in the notes module due to a lack of sufficient sanitization performed on user supplied data.

Attackers may potentially exploit this issue to manipulate web content, take unauthorized site actions in the context of the victim, or to steal cookie-based authentication credentials.

These vulnerabilities were reported in phpWebsite 0.9.3-4, previous versions are also reported to be vulnerable.

/index.php?module=comments&CM_op=replyToComment&CM_pid=1[XSS] 		

- 漏洞信息

9445
phpWebSite Comment Module CM_pid XSS
Remote / Network Access Input Manipulation
Loss of Confidentiality, Loss of Integrity
Exploit Public

- 漏洞描述

phpWebSite contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "CM_pis" variable upon submission to the Comment Module. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- 时间线

2004-08-31 Unknow
2004-08-31 Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, phpWebSite developers have released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

- 漏洞信息

PHPWebSite Multiple Input Validation Vulnerabilities
Input Validation Error 11088
Yes No
2004-09-01 12:00:00 2009-07-12 07:06:00
Discovery of these vulnerabilities is credited to "GulfTech Security" <security@gulftech.org>.

- 受影响的程序版本

phpWebsite phpWebsite 0.9.3 -4
phpWebsite phpWebsite 0.9.3
phpWebsite phpWebsite 0.8.3
phpWebsite phpWebsite 0.8.2
phpWebsite phpWebsite 0.7.3

- 漏洞讨论

It is reported that phpWebSite is susceptible to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities.

The cross-site scripting issue is present in a parameter of the comments module script. An attacker can exploit these issues by creating a malicious link to the vulnerable module containing HTML and script code and send this link to a vulnerable user. When the user follows the link, the attacker-supplied code renders in the user's browser.

An SQL injection issue exists in the application as well. This issue affects a parameter of the calendar module script. This issue may be exploited to cause sensitive information to be disclosed to a remote attacker.

Finally, a HTML Injection vulnerability is reported to affect the application. The problem is said to occur in the notes module due to a lack of sufficient sanitization performed on user supplied data.

Attackers may potentially exploit this issue to manipulate web content, take unauthorized site actions in the context of the victim, or to steal cookie-based authentication credentials.

These vulnerabilities were reported in phpWebsite 0.9.3-4, previous versions are also reported to be vulnerable.

- 漏洞利用

No exploit is required, the following example is available:

/index.php?module=comments&amp;CM_op=replyToComment&amp;CM_pid=1[XSS]

- 解决方案

The vendor has released an update to address these vulnerabilities:


phpWebsite phpWebsite 0.7.3

phpWebsite phpWebsite 0.8.2

phpWebsite phpWebsite 0.8.3

phpWebsite phpWebsite 0.9.3 -4

phpWebsite phpWebsite 0.9.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站