freediscussionforums 1.0 – Multiple Vulnerabilities

  • Author: Abysssec
    Date: 2010-09-14
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/14999/
  • '''
    http://www.exploit-db.com/moaub-14-freediscussionforums-multiple-remote-vulnerabilities/
    
    '''
    
    
    Abysssec Inc Public Advisory
     
     
    Title            : FreeDiscussionForums Multiple Remote Vulnerabilities
    Affected Version : Free Discussion Forum 1.0
    Discovery        : www.abysssec.com
    Vendor           : http://www.freediscussionforums.net
    
    Download Links   : http://sourceforge.net/projects/discusionforum/
    Admin Login      : http://Example.com/adminlogin.aspx
     
    Description :
    ===========================================================================================
    This version of FreeDiscussionForums has multiple vulnerabilities:
    1- Access to Admin's Section
    2- Persistent XSS 
    
    
    Access to Admin's Section:
    =========================================================================================== 
    The admin section can be accessed directly through this path:
    
    http://Example.com/ManageSubject.aspx
    
    Vulnerable Code:
    DLL   : App_Web_wngcbiby.dll
    Class : adminlogin
    
    protected void Button1_Click(object sender, EventArgs e)
    {
        ...
        if ((this.txtUserName.Text.Trim() == str) && (this.txtPassword.Text.Trim() == str2))
        {
            // A successful login sets this session value and redirects to the admin page.
            this.Session["User"] = "admin";
            base.Response.Redirect("ManageSubject.aspx");
        }
    }
    
    
    
    Persistent XSS:
    =========================================================================================== 
    The application also has a persistent XSS in the title field.
    
    Vulnerable Code:
    DLL   : App_Web_wngcbiby.dll
    Class : AddPost
    
    protected void Page_Load(object sender, EventArgs e)
    {
        if (base.Request.QueryString["forumId"] != null)
        {
            this.forumId = Convert.ToInt32(base.Request.QueryString["forumId"]);
        }
        if (base.Request.QueryString["title"] != null)
        {
            // title is read from the query string; only Common.ReplaceString is applied to it.
            this.title = Common.ReplaceString(base.Request.QueryString["title"].ToString().Trim());
        }
        ...
    }
    
    
    ===========================================================================================
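
A defensive sketch for both findings above (the directly reachable admin page and the title field), added here as an example and not code from the advisory or from FreeDiscussionForums. `AdminPageBase`, `IsAdminSession`, `ForumOutput` and `TitleForHtml` are hypothetical names; the sketch assumes the admin pages do not check `Session["User"]` themselves and that the stored title is written into HTML without encoding.

```csharp
using System;
using System.Web;
using System.Web.UI;

// Hypothetical base class: each admin page (for example ManageSubject.aspx)
// would inherit from it instead of System.Web.UI.Page.
public class AdminPageBase : Page
{
    protected override void OnInit(EventArgs e)
    {
        // adminlogin sets Session["User"] = "admin" on success. That value has
        // to be checked on every admin page, not only at the login form.
        if (!IsAdminSession(Session["User"]))
        {
            // endResponse = true stops the page lifecycle here, so no
            // Page_Load or button handler of the admin page runs for this request.
            Response.Redirect("adminlogin.aspx", true);
            return;
        }
        base.OnInit(e);
    }

    // Exact, case-sensitive match on the value the login handler stores.
    public static bool IsAdminSession(object sessionUser)
    {
        return string.Equals(sessionUser as string, "admin", StringComparison.Ordinal);
    }
}

public static class ForumOutput
{
    // Encode at the point of output, whatever filtering was applied on input
    // (the behaviour of Common.ReplaceString is not shown in the advisory).
    public static string TitleForHtml(string storedTitle)
    {
        return HttpUtility.HtmlEncode(storedTitle ?? string.Empty);
    }
}
```

In a page template the title would then be emitted as `<%= ForumOutput.TitleForHtml(title) %>`, or with the `<%: title %>` syntax on ASP.NET 4 and later, which HTML-encodes by default.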