Bugtraq: MyBlog <=0.9.8 Multiple Vulnerabilities

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

MyBlog <=0.9.8 Multiple Vulnerabilities

From: admin () bugreport ir
Date: Sun, 20 Jul 2008 16:56:18 +0430

########################## www.BugReport.ir#######################################

#
#               AmnPardaz Security Research Team
#
# Title: MyBlog <=0.9.8 Multiple Vulnerabilities
# Vendor: http://crewdesign.co.uk & http://sourceforge.net/projects/myblog
# Exploit: Available
# Vulnerable Version: 0.9.8
# Impact: High
# Fix: N/A
# Original Advisory: www.bugreport.ir/?/49
###################################################################################

####################
1. Description:
####################

MyBlog(CMS) is an open source Blog/CMS project. MyBlog(CMS) wascreated as an expandable and easy to use system to manage your websitewith. Its best feature is its customisability, you could use it to runyour whole site around with forum modules, photo gallery modules andall that jazz or you could just run a simple add-on blog using it.

####################
2. Vulnerabilities:
####################

2.1. Information Leakage. Database information disclosure in"/config/mysqlconnection.inc" and/or"/config/mysqlconnection%20-%20Copy.inc" or "/admin/setup.php".

                2.1.1. Exploit:
                                                Check the exploit/POC section.

2.2. Cross Site Scripting (XSS). Reflected XSS attack in "index.php"in "sort" and "s" parameters.

                2.2.1. Exploit:
                                                Check the exploit/POC section.

2.2. Cross Site Scripting (XSS). Reflected XSS attack in "post.php"in "id" parameter.

                2.2.1. Exploit:
                                                Check the exploit/POC section.
        2.4. Information Leakage. Source code disclosure in "/config/settings.inc".
                2.4.1. Exploit:
                                                Check the exploit/POC section.
####################
3. Exploits/POCs:
####################
        Original Exploit URL: http://bugreport.ir/index.php?/49/exploit
####################
4. Solution:
####################

Edit the source code to ensure that inputs are properly sanitized.Rename the mentioned files in section 2.1, 2.4 and wait for vendorpatch.

####################
5. Credit:
####################
AmnPardaz Security Research & Penetration Testing Group
Contact: admin[4t}bugreport{d0t]ir
WwW.BugReport.ir
WwW.AmnPardaz.com

By Date By Thread

Current thread:

MyBlog <=0.9.8 Multiple Vulnerabilities admin (Jul 21)