Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: UPublisher Exploit - Superfreaker
From: me () overhere cc
Date: 4 Dec 2006 01:27:32 -0000

In regard to the many articles on Google: 

http://www.google.com/search?hl=en&q=upublisher+exploit  

Superfreaker's "UPublisher" exploit is NOT LIMITED to their "viewarticle.asp" script.

In fact, most of the product is vulnerable to SQL Injection attacks such as "index.asp" and "preferences.asp". 

Two UPublisher scripts that can be hacked using the EXACT SAME METHOD you described above are: 

sendarticle.asp 
printarticle.asp 

If your copy of UPublisher has already been hacked, be CERTAIN to review and clean the uploads folder at:  
/images/story_images/

In our case, the hacker was able to upload entire HTML pages ... and then reference them from their browser since they 
now knew the full URL to their HTML form!


# # # #


  By Date           By Thread  

Current thread:
  • Re: UPublisher Exploit - Superfreaker me (Dec 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault