Lucene search
webeditor-xssrfi.txt
🗓️ 22 Jan 2008 00:00:00Reported by Maximiliano SolerType 
packetstorm🔗 packetstormsecurity.com👁 19 Views
Reported XSS & RFI Vulnerability in Namo WebEditor version 1.0.4. Vulnerable through the "id" parameter in webeditor.php. Referenced inurl DORK: "inurl:"webeditor.php" intext:"login
Show more
`Hi People of PacketStormSecurity !
I want to report a XSS & RFI Vulnerability in WedEditor.
+========================================================================+
+ WebEditor <= 1.0.4 XSS & RFI Multiple Remote Vulnerabilities +
+========================================================================+
Author(s): Ivan Sanchez & Maximiliano Soler
Product: Namo WebEditor
Web: http://www.namo.com/products/webeditor.php
Versions: 1.0.4 (or less).
Date: 21/01/2008
GOOGLE DORKS:
------------
[+] inurl:"webeditor.php" intext:"login"
EXPLOIT:
--------
For example...after the variable "id"
http://www.[DOMAIN].tld/webeditor.php?id=[XSS or RFI]
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
+========================================================================+
+ WebEditor <= 1.0.4 XSS & RFI Multiple Remote Vulnerabilities +
+========================================================================+
--
Maximiliano Soler.
Reports & Review Code.
Null Code Services.
www.nullcode.com.ar
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo22 Jan 2008 00:00Current
7.4High risk
Vulners AI Score7.4