Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Ezportal/Ztml v1.0 Multiple vulnerabilities
Aug 30 2006 06:01AM
Hessamx hessamx net
:: Ezportal/Ztml v1.0 Multiple vulnerabilities ::
------------------------------------------------
Software : Ezportal/Ztml
Website : http://www.ztml.org
Bug Discover : Hessam-x / www.hessamx.net
I. Multiple Cross Site Scripting Vulnerabilities
-------------------------------------------------
Parameters :
About , Again , Lastname , Email , password , album,
id , table , desc , doc , mname , max , htpl ,pheader , & more...
are not properly sanitized in "Index.php".
This can be used to post arbitrary HTML or web script code.
Attacker can be execute this url :
index.php?about=[XSS]
index.php?username=GUEST&again=[XSS]
& ...
II. SQL Injection Vulnerabilities
-------------------------------------------------
Parameters:
about , album , id , use , desc , doc , max , mname , & Other ...
is not properly sanitized before being used in SQL query.
vulnerable Page is : "index.php".
This can be used make any SQL query by injecting arbitrary SQL code.
Attacker can be execute this url :
index.php?about=[SQL Query]&use=ezportal.home.about.this.template
index.php?doc=[SQL Query]&etpl=ezp.home.update.status&ukey=_zdoc.zdoc.group
& other ...
III. Authentication Bypass Vulnerability
-------------------------------------------------
"Administration Area" script has no any authentication.
Any user can get access to administrator's area.Just need to know script name
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
------------------------------------------------
Software : Ezportal/Ztml
Website : http://www.ztml.org
Bug Discover : Hessam-x / www.hessamx.net
I. Multiple Cross Site Scripting Vulnerabilities
-------------------------------------------------
Parameters :
About , Again , Lastname , Email , password , album,
id , table , desc , doc , mname , max , htpl ,pheader , & more...
are not properly sanitized in "Index.php".
This can be used to post arbitrary HTML or web script code.
Attacker can be execute this url :
index.php?about=[XSS]
index.php?username=GUEST&again=[XSS]
& ...
II. SQL Injection Vulnerabilities
-------------------------------------------------
Parameters:
about , album , id , use , desc , doc , max , mname , & Other ...
is not properly sanitized before being used in SQL query.
vulnerable Page is : "index.php".
This can be used make any SQL query by injecting arbitrary SQL code.
Attacker can be execute this url :
index.php?about=[SQL Query]&use=ezportal.home.about.this.template
index.php?doc=[SQL Query]&etpl=ezp.home.update.status&ukey=_zdoc.zdoc.group
& other ...
III. Authentication Bypass Vulnerability
-------------------------------------------------
"Administration Area" script has no any authentication.
Any user can get access to administrator's area.Just need to know script name
[ reply ]