Kleeja Upload Center Script CRLF Injection

2012-11-28T00:00:00
ID PACKETSTORM:118423
Type packetstorm
Reporter Ashiyane Digital Security Team
Modified 2012-11-28T00:00:00

Description

                                        
                                            `#############################  
  
Exploit Title : Kleeja Upload Center Script CRLF injection  
Author:Ashiyane Digital Security Team  
home: http://ashiyane.org/forums  
version:1.0.1  
software link: www.Kleeja.com  
Date:Sunday - 2012 25 November  
Google Dork: intext:Kleeja © 2007-2012. All rights reserved  
Type: CRLF injection  
Tested on:Windows7  
  
##########################  
  
This script is possibly vulnerable to CRLF injection attacks.  
The problem is located in the file:   
/install/index.php   
  
Suppose you run a vulnerable website that has a member section.   
An attacker will send an email to one of your members containing a CRLF-crafted link.  
This link appears to be legitimate; after all it points to your own website.   
The link might look something like the one below:  
http://www.yoursite.com/somepage.php?page=%0d%0aContent-Type: text/html%0d%0aHTTP/1.1 200 OK%0d%0aContent-Type: text/html%0d%0a%0d%0a%3Chtml%3EHacker Content%3C/html%3E  
  
##########################  
  
* Sp Tnx To: Behrooz_Ice,Q7X,Ali_Eagle,Azazel,iman_taktaz,sha2ow,0x21HATE,A.S.P.I.R.I.N,am118,Angel--D3m0n,angola,AR455,Azad™,Black-Hole,Classic,Encoder,ERroR,Hashor   
* HASSAN20,HidDeEn,hossein19123,jooooondost,Kaz3m,ll_Invisible_ll,majidflash,megacpu,MehrdadLinux,Milad-Bushehr,MostafaBestMan,MR.SAMAN,Mute,N4H,Pr0grammer,PrinceofHacking   
* Rizux,Rz04,S!YOU.T4r.6T,Sil3nt Di3,The Smith,unique2world,Unline,V!T0N,X-HIDDEN-X   
* Crypt0,khatarnak,Milad22,MR.Vinci,Pirjo,V1R4N64R   
* And All Of My Friends   
* The Last One : My Self, Cyb3r_Inj3ct0r  
##########################  
`