Search...

bitweaver-sqlxss.txt

2007-12-10T00:00:00

ID PACKETSTORM:61645
Type packetstorm
Reporter DoZ
Modified 2007-12-10T00:00:00

Description

                                        
                                            ` [HSC] Bitweaver XSS & SQL Injection Vulnerability  
  
  
Bitweaver is an open source content management system. Its speed and  
power are ideal for large-scale community websites and corporate applications,  
but it is simple enough for non-technical small site users to set up and  
administrate. It comes fully featured on install but is easy to extend.  
  
  
Hackers Center Security Group (http://www.hackerscenter.com)  
Credit: DoZ  
  
  
Risk: Medium  
Class: Cross-Site Scripting & SQL  
  
  
Vendor: http://www.bitweaver.org/  
Product: Bitweaver  
Version: 2.0.0 & Previous  
  
  
  
Examples:  
  
  
/users/register.php/XSS  
/search/index.php/XSS  
/users/login.php?error=XSS  
  
  
Persistent XSS:  
  
If comments are allowed, attackers can use this url /wiki/index.php?page_id=1#editcomments  
to POST evil scripts and PHP code into the page. Sanitizing the input will prevent intrusion.  
  
Also we see that on forums there is the same issue: (NEED TO SANITIZE THE INPUT)  
  
/forums/index.php?t=1&post_comment_reply_id=1&post_comment_request=1#editcomments  
  
  
White Screen of Death: (SQL Injection)  
  
Critical information is listed o nthis page when you inject evil code.  
Some work if you inject JavaScript Code into the Search box and some show  
this page by following url: /wiki/list_pages.php?sort_mode='  
  
By Search:  
  
/search/index.php?tk=316dccdfb62a3cad613e&highlight=[SQL_INJECTION]=&search=go  
  
  
Google Dork: Powered by bitweaver  
  
  
  
Only becoming a Ethical Hacker, you can stop Black Hat Hackers. Learn with out  
having to pay thousands!- http://kit.hackerscenter.com - The most comprehensive  
security pack you will ever find on the net!  
`

JSON Vulners Source

Initial Source

{"type": "packetstorm", "published": "2007-12-10T00:00:00", "reporter": "DoZ", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "3ac767700af32e4300429d847536274f"}, {"key": "modified", "hash": "b0b05a307aa8d3042504434164299a01"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "b0b05a307aa8d3042504434164299a01"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "b8be0bb55704ac42cd2b76baec86bde0"}, {"key": "sourceData", "hash": "ab26bb5d25ac29850b5c6be91014aebf"}, {"key": "sourceHref", "hash": "8b4f69803b3c7a4f5fad644e1772a2b6"}, {"key": "title", "hash": "c05e64b94bf35e96ae67385ca28aa041"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "` [HSC] Bitweaver XSS & SQL Injection Vulnerability \n \n \nBitweaver is an open source content management system. Its speed and \npower are ideal for large-scale community websites and corporate applications, \nbut it is simple enough for non-technical small site users to set up and \nadministrate. It comes fully featured on install but is easy to extend. \n \n \nHackers Center Security Group (http://www.hackerscenter.com) \nCredit: DoZ \n \n \nRisk: Medium \nClass: Cross-Site Scripting & SQL \n \n \nVendor: http://www.bitweaver.org/ \nProduct: Bitweaver \nVersion: 2.0.0 & Previous \n \n \n \nExamples: \n \n \n/users/register.php/XSS \n/search/index.php/XSS \n/users/login.php?error=XSS \n \n \nPersistent XSS: \n \nIf comments are allowed, attackers can use this url /wiki/index.php?page_id=1#editcomments \nto POST evil scripts and PHP code into the page. Sanitizing the input will prevent intrusion. \n \nAlso we see that on forums there is the same issue: (NEED TO SANITIZE THE INPUT) \n \n/forums/index.php?t=1&post_comment_reply_id=1&post_comment_request=1#editcomments \n \n \nWhite Screen of Death: (SQL Injection) \n \nCritical information is listed o nthis page when you inject evil code. \nSome work if you inject JavaScript Code into the Search box and some show \nthis page by following url: /wiki/list_pages.php?sort_mode=' \n \nBy Search: \n \n/search/index.php?tk=316dccdfb62a3cad613e&highlight=[SQL_INJECTION]=&search=go \n \n \nGoogle Dork: Powered by bitweaver \n \n \n \nOnly becoming a Ethical Hacker, you can stop Black Hat Hackers. Learn with out \nhaving to pay thousands!- http://kit.hackerscenter.com - The most comprehensive \nsecurity pack you will ever find on the net! \n`\n", "viewCount": 0, "history": [], "lastseen": "2016-11-03T10:20:20", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/61645/bitweaver-sqlxss.txt.html", "sourceHref": "https://packetstormsecurity.com/files/download/61645/bitweaver-sqlxss.txt", "title": "bitweaver-sqlxss.txt", "enchantments": {"score": {"value": -0.3, "vector": "NONE", "modified": "2016-11-03T10:20:20"}, "dependencies": {"references": [], "modified": "2016-11-03T10:20:20"}, "vulnersScore": -0.3}, "references": [], "id": "PACKETSTORM:61645", "hash": "e7ad7681f46a23cb6e5155ae45a74119b9a2f1ace837d240622988c46b402dac", "edition": 1, "cvelist": [], "modified": "2007-12-10T00:00:00", "description": ""}