Full Disclosure mailing list archives
Various Vulnerabilities in SparkleBlog
From: Kovács László <bugtracklist () freemail hu>
Date: Sat, 15 Jan 2005 17:37:37 +0100
Various Vulnerabilities in SparkleBlog SparkleBlog is an open-source PHP script which allows you to input and edit your weblog entries, without having to go through the hassle of coding in HTML and uploading via FTP every time you want to make an update. A weblog (aka blog) is simply an online version of a diary, and blogging has become very popular in recent years. The time and date is automatically added to the end of each of your blog entries, so people know exactly when you posted them. The script even allows your website's visitors to make comments on each of your blog entries, if they wish. No password requied for admin pages. So a remote attacker can request the file and admin the blog site. [blogsite]/admin/blogadmin.php [blogsite]/admin/cpconfig.php [blogsite]/admin/editentries.php [blogsite]/admin/update.php XSS attack in journal.php: [blogsite]/journal.php?id=document.write(unescape(%22%3CSCRIPT%3Ealert(docum ent.domain);%3C/SCRIPT%3E%3CSCRIPT%3Ealert(document.cookie);%3C/SCRIPT%3E%22 )); Path disclosure in journal.php: [blogsite]/blog/journal.php?id=' Path disclosure in archives.php: [blogsite]/blog/archives.php?id=' No respone from vendor since: 2005.01.01. SparkleBlog's web page: http://www.creamed-coconut.org/sparkleblog.php Regards, Kovács László kovacs.laszlo () metalogique hu
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Various Vulnerabilities in SparkleBlog Kovács László (Jan 15)