Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities Jun 22 2008 11:54AM
tan_prathan hotmail com
==============================================================

Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities

==============================================================

,--^----------,--------,-----,-------^--,

| ||||||||| `--------' | O .. CWH Underground Hacking Team ..

`+---------------------------^----------|

`\_,-------, _________________________|

/ XXXXXX /`| /

/ XXXXXX / `\ /

/ XXXXXX /\______(

/ XXXXXX /

/ XXXXXX /

(________(

`------'

AUTHOR : CWH Underground

DATE : 22 June 2008

SITE : www.citec.us

#####################################################

APPLICATION : Benja CMS

VERSION : 0.1

VENDOR : N/A

DOWNLOAD : http://downloads.sourceforge.net/benjacms

#####################################################

--- Broken Authentication ---

Anonymous can access to administrative control that can add/delete menu

[+] http://[Target]/[benjacms_path]/admin/

--- Arbitrary File upload ---

Upload Path:

[+] http://[Target]/[benjacms_path]/admin/upload.php

File Location:

[+] http://[Target]/[benjacms_path]/billeder/[Evil File]

***Can upload malicious files such as php shell script***

--- Remote XSS Exploit ---

---------

Exploit

---------

[+] http://[Target]/[benjacms_path]/admin/admin_edit_submenu.php/<XSS>

[+] http://[Target]/[benjacms_path]/admin/admin_new_submenu.php/<XSS>

[+] http://[Target]/[benjacms_path]/admin/admin_edit_topmenu.php/<XSS>

##################################################################

Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos

##################################################################

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus