Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20203
HistoryJul 22, 2008 - 12:00 a.m.

MyBlog <=0.9.8 Multiple Vulnerabilities

2008-07-2200:00:00
vulners.com
23
JSON

########################## www.BugReport.ir
#######################################

AmnPardaz Security Research Team

Title: MyBlog <=0.9.8 Multiple Vulnerabilities

Vendor: http://crewdesign.co.uk & http://sourceforge.net/projects/myblog

Exploit: Available

Vulnerable Version: 0.9.8

Impact: High

Fix: N/A

Original Advisory: www.bugreport.ir/?/49

###################################################################################

####################

  1. Description:
    ####################
    MyBlog(CMS) is an open source Blog/CMS project. MyBlog(CMS) was
    created as an expandable and easy to use system to manage your website
    with. Its best feature is its customisability, you could use it to run
    your whole site around with forum modules, photo gallery modules and
    all that jazz or you could just run a simple add-on blog using it.
    ####################
  2. Vulnerabilities:
    ####################
    2.1. Information Leakage. Database information disclosure in
    "/config/mysqlconnection.inc" and/or
    "/config/mysqlconnection%20-%20Copy.inc" or "/admin/setup.php".
    2.1.1. Exploit:
    Check the exploit/POC section.
    2.2. Cross Site Scripting (XSS). Reflected XSS attack in "index.php"
    in "sort" and "s" parameters.
    2.2.1. Exploit:
    Check the exploit/POC section.
    2.2. Cross Site Scripting (XSS). Reflected XSS attack in "post.php"
    in "id" parameter.
    2.2.1. Exploit:
    Check the exploit/POC section.
    2.4. Information Leakage. Source code disclosure in "/config/settings.inc".
    2.4.1. Exploit:
    Check the exploit/POC section.
    ####################
  3. Exploits/POCs:
    ####################
    Original Exploit URL: http://bugreport.ir/index.php?/49/exploit
    ####################
  4. Solution:
    ####################
    Edit the source code to ensure that inputs are properly sanitized.
    Rename the mentioned files in section 2.1, 2.4 and wait for vendor
    patch.
    ####################
  5. Credit:
    ####################
    AmnPardaz Security Research & Penetration Testing Group
    Contact: admin[4t}bugreport{d0t]ir
    WwW.BugReport.ir
    WwW.AmnPardaz.com
JSON