| To: | bugtraq@securityfocus.com |
|---|---|
| Subject: | MTCMS multiple upload vulnerabilities |
| From: | none@none.com |
| Date: | 23 Feb 2007 18:17:31 -0000 |

avatar upload vulnerability:

upload any kind of file in: site.com/MTCMS-V2.2/?a=gallery&b=add_down

and approved or not it will be here: /uploads/pictures/

same thing for: add link /index.php?a=links&b=add_link

xss permanent on Contact Us:

message & title fields are vulnerable to an xss attack. this kind of xss is pretty dangerous, because you send the malicious message to an admin. so you can get his cookie.

regards

laurent gaffié
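
The two issues reported above map to two server-side controls, shown here as an added example that is not MTCMS code and not from the reporter: uploads are typed by content, renamed, and held outside the web root until approved, and contact-form fields are HTML-encoded when the admin views them. The function names, the allow-list and the directory layout are assumptions.

```php
<?php
// Assumed allow-list: MIME type detected from content => extension the server assigns.
const ALLOWED_IMAGES = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif'];

// Hold an upload outside the web root until approved; returns the generated name.
function store_pending_upload(string $tmpPath, string $pendingDir): string
{
    // Type comes from the file's bytes, not the client-supplied name or Content-Type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime === false || !isset(ALLOWED_IMAGES[$mime])) {
        throw new RuntimeException('rejected upload: type not allowed');
    }
    // Random server-chosen name and extension, so no ".php" name reaches disk.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGES[$mime];
    // In a request handler, use move_uploaded_file() on $_FILES[...]['tmp_name'] here.
    if (!rename($tmpPath, "$pendingDir/$name")) {
        throw new RuntimeException('could not store upload');
    }
    return $name;
}

// Publish a quarantined file only when an admin approves it.
function approve_upload(string $name, string $pendingDir, string $publicDir): bool
{
    $name = basename($name); // no path traversal out of the pending directory
    return is_file("$pendingDir/$name") && rename("$pendingDir/$name", "$publicDir/$name");
}

// Encode contact-form fields (title, message) before showing them in the admin page.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo inputs: a script posing as an avatar, then a minimal GIF header.
$base = sys_get_temp_dir() . '/upload_demo_' . bin2hex(random_bytes(4));
mkdir("$base/pending", 0700, true);
mkdir("$base/public", 0755, true);
foreach (["<?php echo 1; ?>", "GIF89a\x01\x00\x01\x00\x00\x00\x00;"] as $bytes) {
    $tmp = tempnam($base, 'up');
    file_put_contents($tmp, $bytes);
    try {
        $name = store_pending_upload($tmp, "$base/pending");
        $ok = approve_upload($name, "$base/pending", "$base/public");
        echo "stored $name, published: ", var_export($ok, true), "\n";
    } catch (RuntimeException $e) {
        echo $e->getMessage(), "\n";
    }
}
echo h('<script>alert(1)</script>'), "\n";
```

Content sniffing alone does not stop a file that is both a valid image and carries script; the server-assigned extension and an upload directory in which the web server executes nothing are what keep such a file inert.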