| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 24 Oct 2007 02:21:19 -0000 From: Joseph.giron13@...il.com To: bugtraq@...urityfocus.com Subject: Bosdev Multiple vulnerabilities BosMarket Business Directory System http://www.bosdev.com BosMarket Multiple XSS vulnerabilities BosMarket is a craigslist like application that attempts to let users refer other small businesses. The problem is that when you post listings, its a a no holds barred kind of deal. Firstly, One can place XSS code into their user info. Just email the admin claiming your account details are screwy, and wham, easy access. The next vulnerability is within posts themselves. Once again, XSS code is not filtered. BosNews v4 XSS Then there is BosNews. The program allows for anonymous people to post news There us a form of BB code in use, but that doesnt stop the fact that script tags can be used as well. Its cookie based auth, so cookie theft is a snap, among other things people do with XSS. I emailed the guys at bosdev and am awaiting a response. Have fun. BosNews v4, v5 Install.php auth override. Using BosNews, we can install over the old installation without a username or password. It actually overwrites the old one. If you have the database info, it will even let you create a new admin username / password. I emailed the guys at bosdev and am awaiting a response. Have fun.
Powered by blists - more mailing lists