Vikingboard (0.1.2) [ multiples vulnerability ]

2006.12.06
Risk: Medium
Local: Yes
Remote: Yes
CWE: N/A

vendor site:http://vikingboard.com/ product:Vikingboard (0.1.2) bug:local file include & multiples permanent xss risk:medium error sql : /members.php?s=-80 xss permanent : - in private message , an attacker can send a pm to an administrator with some javascript into the subject field an get his cookie stealed - in the forum , an attacker can post a topic , with some javascript into the subject field , then when you get in : http://site.com/forum/ you will get your cookie stealed direcly . those xss are a serious security issue for a forum , because they are permanent . local file include : also once the attacker have stoolen the cookie , then he will get admin , in the administration there's a local file include here : /admin.php?act=../../../../../../../../../../../../../../etc/passwd%00 laurent gaffi & benjamin moss http://s-a-p.ca/ contact: saps.audit (at) gmail (dot) com [email concealed]


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top