Bugtraq mailing list archives

phpLinkat XSS Security Bug


From: Sp.IC <SpeedICNet () Hotmail Com>
Date: 3 Oct 2002 20:22:44 -0000



phpLinkat is a free web-based link indexing script written in PHP that 
runs on MySQL. This product is vulnerable to Cross-Site Scripting, which 
would allow attackers to inject HTML and script code into the pages and 
execute it in the client's browser as if it were provided by the site.

+ Tested on:

    - phpLinkat 0.1.0

+ Exploit:

    - showcat.php?catid=<Script>JavaScript:alert('XSS Exploit');</Script>
    - addyoursite.php?catid=<Script>JavaScript:alert('XSS Exploit');</Script>

+ Solution:

    - Open showcat.php
    - Add this code to line 22:

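     $catid = HTMLSpecialChars($catid);
     // Accept only an all-digit value. Test the match result directly
     // instead of assigning it to $catid, which would replace the id
     // with PREG_Match()'s 0/1 return value.
     If (!PREG_Match("/^[0-9]+$/D", $catid)){

         Print "Error";
         
     }Else{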

    - Add this code to line 138:

    }} //end if

    - Open showcat.php
    - Add this code to line 14:

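     $catid = HTMLSpecialChars($catid);
     // Accept only an all-digit value. Test the match result directly
     // instead of assigning it to $catid, which would replace the id
     // with PREG_Match()'s 0/1 return value.
     If (!PREG_Match("/^[0-9]+$/D", $catid)){

         Print "Error";
         
     }Else{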

    - Add this code to line 105:

    }}

+ Links:

   - Http://www.DesClub.com
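
The validation and output-encoding steps from the Solution above, as an added example that is not part of the original post or of phpLinkat's source. The helper names (h, parse_catid, first_char_is_digit), the 9-digit limit and the sample inputs are assumptions made for illustration, and the code targets PHP 7.1 or later.

```php
<?php
// Added example: hypothetical helpers, not phpLinkat source.

// Encode a value for an HTML text or quoted-attribute context.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Return catid as an int, or null unless it is 1-9 ASCII digits and nothing else.
function parse_catid($raw): ?int
{
    if (!is_string($raw)) {
        return null;                 // e.g. catid[]=7 arrives as an array
    }
    // \A and \z anchor both ends; \z (unlike $) also rejects a trailing newline.
    return preg_match('/\A[0-9]{1,9}\z/', $raw) === 1 ? (int) $raw : null;
}

// A test of the first character only, shown for contrast with the strict parser.
function first_char_is_digit(string $raw): bool
{
    return preg_match('/^[0-9]/', $raw) === 1;
}

// Constructed sample query-string values.
$samples = ['7', '42', '', '-1', "7\n", '7<b>x</b>', ['7']];

foreach ($samples as $raw) {
    $id    = parse_catid($raw);
    $label = is_string($raw) ? json_encode($raw, JSON_UNESCAPED_SLASHES) : 'array';
    $loose = is_string($raw) && first_char_is_digit($raw) ? 'pass' : 'fail';
    printf("%-14s first-char test: %-4s  strict: %s\n",
        $label, $loose, $id === null ? 'rejected' : "catid=$id");
}

// Rejected input is still encoded if it is echoed back in an error page.
echo '<p>Invalid category: ' . h('7<b>x</b>') . "</p>\n";
```

Run with the PHP CLI; the table shows which values a first-character test lets through that the fully anchored parser rejects.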

