XSS in Blogtext version 3.7.6 [CVE-2016-9418]
06 Feb 2017发现者: 陈瑞琦
发现日期: 2016-08-28
下载地址: MyBB
作者: MyBB
作者通知日期: 2016-08-29
作者联系手段:
CVE-ID:CVE-2016-9418
描述:
b2evolutioe is a content and community management system written in PHP and backed by a MySQL database. It is distributed as free software under the GNU General Public License. b2evolution originally started as a multi-user multi-blog engine when Fran?ois Planque forked b2evolution from version 0.6.1 of b2/cafelog in 2003.[2] A more widely known fork of b2/cafelog is WordPress. b2evolution is available in web host control panels as a “one click install” web app.3
细节:
./inc/html.php
code
line 133 function lien_pagination()
line 142 $qstring = remove_url_param('p');
./inc/util.php
`code`
line 358 function remove_url_param($param)
**PoC:**
`code`
test.php
**Fix:**