Basic Forum by JM LLC - Multiple Vulnerabilities

2013-07-27T00:00:00
ID 1337DAY-ID-21035
Type zdt
Reporter Sp3ctrecore
Modified 2013-07-27T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ================================================
Basic Forum by JM LLC - Multiple Vulnerabilities
================================================
 
Software................: Basic Forum
Software link...........: http://www.jmagness.com/download/Basic_Forum.zip
Vendor..................: JM LLC
Vendor homepage.........: http://www.jmagness.com
 
Exploit author..........: Sp3ctrecore
Contact.................: sp3ctrecore[at]gmail[dot]com
 
 
--------
OVERVIEW
--------
 
Basic Forum is affected by multiple vulnerabilities.
 
 
-------------------
DISCLOSURE TIMELINE
-------------------
 
04/07/2013 -- Multiple vulnerabilities discovered and reported to the vendor.
19/07/2013 -- The vendor confirmed the vulnerabilities, but has no
time to fix them.
24/07/2013 -- Public disclosure.
 
 
---------------
VULNERABILITIES
---------------
 
[01] MULTIPLE SQL INJECTIONS
 
I.   new.php - title parameter (POST request).
II.  new.php - post parameter (POST request).
III. post.php?id=1 - reply parameter (POST request).
 
 
[02] MULTIPLE CROSS-SITE SCRIPTING
 
I.   user.php - firstname parameter (POST request): stored XSS.
II.  user.php - bio parameter (POST request): stored XSS.
III. new.php - title parameter (POST request): stored XSS.
IV.  new.php - post parameter (POST request): stored XSS.
 
 
[03] Cross-site Request Forgery
 
I.   user.php - firstname parameter (POST request).
II.  user.php - email parameter (POST request).
III. user.php - password parameter (POST request).
IV.  user.php - bio parameter (POST request).
V.   new.php  - title parameter (POST request).
VI.  new.php  - post parameter (POST request).
VII. post.php - reply parameter (POST request).

#  0day.today [2018-03-28]  #