|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 4629 CVE : CVE-2008-5211 CWE : CWE-79 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : Yes Credit : Christian Holler Published : 25.11.2008
Advisory Content : -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sphider Cross Site Scripting Vulnerability Original release date: 2008-04-29 Last revised: 2008-05-06 Latest version: http://users.own-hero.net/~decoder/advisories/sphider134-xss.txt Source: Christian Holler <http://users.own-hero.net/~decoder/> Systems Affected: Sphider 1.3.4 (http://www.sphider.eu/) - A PHP Search Engine Severity: Moderate Overview: Sphider is a search engine that has several features; one is a search suggestion feature as in "Did you mean xyz?" that corrects possible typos in your search, without however sanitizing this output. This feature is off by default, but turned on by many sites for convenience. I. Description The output of the suggestion feature in Sphider does output the complete query if there is at least one word in this query that has the script has found a possible correction for. This word is highlighted and the rest of the search query is returned as it is. However, this output is completely unsanitized, allowing HTML/Javascript to be included. II. Impact Depending on the site where this search script is deployed, this attack can be used to steal cookies from other users by tricking them into visiting a given URL. III. Proof of concept search.php?query=xsss%20%3Cscript%3Ealert('HELLO');%3C/script%3E&search= 1 where the first word in the query, "xsss" is a word that can be corrected by the search script. This generally depends on the indexed site(s) but such a word is very easy to find. IV. Solution Currently none, author has been informed. Timeline: 2008-04-29: Author informed 2008-05-06: Vulnerability notice published -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.6 (GNU/Linux) iD8DBQFIIMGYJQIKXnJyDxURAm44AJ9JbT+63Krpg95BZatccKal29DhkwCgoAE9 eNhj/JgskwQVKgmdnFBEVG0= =DZrL -----END PGP SIGNATURE----- References : http://xforce.iss.net/xforce/xfdb/42240
http://www.securityfocus.com/bid/29074
http://www.securityfocus.com/archive/1/archive/1/491712/100/0/threaded
http://users.own-hero.net/~decoder/advisories/sphider134-xss.txt
http://secunia.com/advisories/30082  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
| PHP | |
|
» libzip 0.9.3 |
||
| ADT | ||
Protect your family and valuables with Home Security Systems |
||
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |