Home » 2009 » December » 10
Usually, curl is used to connect and retrieve data from a remote URL
using the http protocol. However, curl supports a bunch of protocols.
One of these protocols is the file protocol. Using this protocol you can
read local files by using an URL like file:///etc/passwd. Therefore, if
the user can control the URL passed to curl_exec, in some cases (if the
content is echoed back) he can read local files.

While testing our AcuSensor technology on different applications, I’ve
found a real-life example of a vulnerable application.  I’m talking
about Zen Cart.

Zen Cart is an open source online store management system. It is
PHP-based, using a MySQL database and HTML components. Support is
provided for several languages and currencies, and it is freely
available under the GNU General Public License.

Zen Cart contains a directory named extras where there are different
test scripts. One of these scripts is curltest.php. ... Read more »
Views: 5878 | Added by: b1zz4rd | Date: 2009-12-10 | Comments (0)

[+] Invision Power Board XSS vulnerability

       Software : Invision Power Board (IPB)
       Affected : IPB v2.x up to v3.0.4 (prior versions might be vulnerable as well)
       Remote   : Yes
       Required : Internet Explorer +5.0
       Vendor   : http://www.invisionpower.com/
       Download : Commercially available
       Author   : Xacker
       Contact  : N/A
       Blog     : http://xacker.wordpress.com
       Website  : N/A


[+] Technical details

       IP.Board is prone to XSS attacks through maliciously crafted *.txt
files a ... Read more »
Views: 60609 | Added by: b1zz4rd | Date: 2009-12-10 | Comments (107)