Message-ID: <20070714045620.8810.qmail@securityfocus.com>
Date: 14 Jul 2007 04:56:20 -0000
From: info@...-app.net
To: bugtraq@...urityfocus.com
Subject: Re: Menu Manager Mod for WebAPP - No Input Filtering

The issue is not yet secure at http://www.web-app.org 

1.) Guests can edit files on the server by:
http://victim-domain/cgi-bin/index.cgi?action=menu
- There are approximately 35 webapporg sites of version 0.9.9.7 defaced with the issue. So it couldn't possibly be fixed for 0.9.9.7 as claimed above.

2.) Members/guests can add $values in the menu form. Allowing $ is madness, as it can be exploited to run direct cmd on the Perl shell.

I tried posting a message about it before here but  it was unnoticed and never published.

Kind regards
On Elpeleg
WebAPP
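As an added illustration of the second point (example code, not WebAPP's or the poster's), a Perl allowlist check that rejects menu-form values carrying `$` and other characters Perl would interpolate or execute, plus a quoting helper for the case where a value must still be written into a Perl data file. The function names, the allowed character set and the assumption that menu values end up in a file Perl later evaluates are all mine, not taken from the post.

```perl
#!/usr/bin/perl
# Added example (not WebAPP's own code): validate menu-form values before
# they are stored. Assumption: the menu module writes submitted values into
# a file that Perl later reads as code or as interpolated strings, so
# characters such as $ @ ` ; ( ) { } must never reach it unescaped.
use strict;
use warnings;

# Allowlist: menu titles and link targets only need these characters.
# Anything outside the class (including $ and @) fails the match.
my $ALLOWED = qr{\A[\w\s./:?=&\-]+\z};

# Returns 1 if the value may be stored, 0 otherwise.
sub menu_value_ok {
    my ($value) = @_;
    return 0 unless defined $value;
    return 0 if length($value) > 200;    # keep stored entries short
    return $value =~ $ALLOWED ? 1 : 0;   # reject interpolation characters
}

# If a value must be embedded in Perl source anyway, single-quote it and
# escape the only two characters that are special inside single quotes,
# so $ and @ inside it are stored literally rather than interpolated.
sub as_perl_literal {
    my ($value) = @_;
    (my $safe = $value) =~ s/([\\'])/\\$1/g;
    return "'$safe'";
}

# Constructed sample inputs: ordinary titles, then values that would be
# interpolated or executed if written into Perl code unescaped.
for my $v ('Home', 'Search?q=news', 'Title $ENV{PATH}', 'a@b', 'back`tick`') {
    printf "%-20s -> %s\n", $v, menu_value_ok($v) ? 'accepted' : 'rejected';
}
print as_perl_literal("O'Reilly \$x"), "\n";
```

The allowlist is deliberately narrow; widen it only for characters the menu genuinely needs, never by removing `$`, `@` or backticks from the rejected set.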
