| タイトル | SourceCodester SourceCodester KLiK Social Media Website v1.0.1 CRLF Injection |
|---|
| 説明 | HTTP header injection (CRLF injection) was discovered in dbh.inc.php during security testing. By manipulating the blog parameter in HTTP GET requests, an unauthenticated attacker can inject CRLF sequences into the Location response header. This allows the attacker to perform HTTP response splitting, set arbitrary cookies (session fixation), or inject malicious scripts (XSS) into the victim's browser.
Identify a vulnerable endpoint where blog parameter reflects into Location header.
Craft a malicious GET request with CRLF characters encoded as %0d%0a:
GET /includes/dbh.inc.php?blog=1%0d%0aSet-Cookie:%20session=evil%0d%0aX-IGNORE: HTTP/1.1
The server responds with an injected Set-Cookie header.
For XSS, inject %0d%0a%0d%0a followed by JavaScript:
GET /includes/dbh.inc.php?blog=1%0d%0a%0d%0a%3Cscript%3Ealert(1)%3C/script%3E
The browser parses the injected response and executes the script. |
|---|
| ソース | ⚠️ https://github.com/msaad1999/KLiK-SocialMediaWebsite |
|---|
| ユーザー | g111 (UID 92409) |
|---|
| 送信 | 2026年04月27日 03:45 (1 月 ago) |
|---|
| モデレーション | 2026年05月24日 08:52 (27 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 365401 [KLiK SocialMediaWebsite 1.0 HTTP GET Request Parameter 特権昇格] |
|---|
| ポイント | 20 |
|---|