BUGTRAQ ID: 31295
CNCAN ID:CNCAN-2008092311
MyBB是一款基于PHP的论坛程序。
MyBB不正确处理用户提交的输入,远程攻击者可以利用漏洞进行跨站脚本等攻击。
-通过URL传递的输入在返回给用户前缺少过滤,可导致在目标用户浏览器上执行任意HTML和脚本代码。
-文件global.php, announcements.php, admin/inc/class_page.php, inc/functions.php, inc/datahandlers/post.php, inc/class_error.php, polls.php, moderation.php, inc/class_moderation.php, usercp.php和attachments.php存在多个未明错误。
MyBulletinBoard MyBulletinBoard 1.4.1
MyBulletinBoard MyBulletinBoard 1.4
MyBulletinBoard MyBulletinBoard 1.2.13
MyBulletinBoard MyBulletinBoard 1.2.12
MyBulletinBoard MyBulletinBoard 1.2.11
MyBulletinBoard MyBulletinBoard 1.2.10
MyBulletinBoard MyBulletinBoard 1.2.5
MyBulletinBoard MyBulletinBoard 1.2.3
MyBulletinBoard MyBulletinBoard 1.1.8
MyBulletinBoard MyBulletinBoard 1.1.7
MyBulletinBoard MyBulletinBoard 1.1.7
MyBulletinBoard MyBulletinBoard 1.1.6
MyBulletinBoard MyBulletinBoard 1.1.5
MyBulletinBoard MyBulletinBoard 1.1.4
MyBulletinBoard MyBulletinBoard 1.1.3
MyBulletinBoard MyBulletinBoard 1.1.2
MyBulletinBoard MyBulletinBoard 1.1.2
MyBulletinBoard MyBulletinBoard 1.1.1
MyBulletinBoard MyBulletinBoard 1.1
MyBulletinBoard MyBulletinBoard 1.0.4
MyBulletinBoard MyBulletinBoard 1.0.3
MyBulletinBoard MyBulletinBoard 1.0.2
MyBulletinBoard MyBulletinBoard 1.0.1
MyBulletinBoard MyBulletinBoard 1.0 PR2
MyBulletinBoard MyBulletinBoard 1.0
MyBulletinBoard MyBulletinBoard RC4
MyBulletinBoard MyBulletinBoard RC3
MyBulletinBoard MyBulletinBoard RC2
MyBulletinBoard MyBulletinBoard RC1
MyBulletinBoard MyBulletinBoard 1.2
MyBulletinBoard MyBulletinBoard 1.10
可升级到MyBulletinBoard 1.4.2版本:
<a href=http://www.mybboard.net/ target=_blank>http://www.mybboard.net/</a>
京公网安备 11010502034610号
暂无评论