All posts by 007admin

Full Disclosure

SilverStripe CMS – Path Disclosure

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/silverstripe-cms—path-disclosure.html

Date:
04-Apr-2017

Product:
SilverStripe CMS

Versions affected:
3.1.9 and below.

Vulnerability:
Path disclosure.

Example URL:
http://[target]/dev/build/
Path reported:
/home/[target]/public_html/framework/dev/DebugView.php

https://www.silverstripe.org/download/security-releases/ss-2015-001/

Credit:
Discovered by Patrick Webster

Disclosure timeline:
07-Nov-2015 -…

Full Disclosure

SmartJobBoard – Cross-site scripting, personal information disclosure and PHPMailer package

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/smartjobboard—cross-site-scripting-personal-information-disclosure-and-phpmailer-package.html

Date:
04-Apr-2017

Product:
SmartJobBoard

Versions affected:
v5.0.9 and below.

Vulnerability:

1) Cross-site scripting vulnerabilities in the following locations and
parameters:

/add-listing/ [proceed_to_posting parameter]
/add-listing/ [productSID parameter]
/add-listing/Resume/General/ [productSID parameter]…

Full Disclosure

AcoraCMS browser redirect and Cross-site scripting vulnerabilities

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/acoracms-browser-redirect-and-cross-site-scripting-vulnerabilities.html

Date:
04-Apr-2017

Product:
AcoraCMS

Versions affected:
7.0.0.6 (known bugs from 6.0.6 are still present
http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt).

Vulnerabilities:
1) Arbitrary browser redirect:

POST /forums/login.asp HTTP/1.1
Host: [target]
Content-Type: application/x-www-form-urlencoded
Content-Length: 70…

Full Disclosure

Kaseya information disclosure vulnerability

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/kaseya-information-disclosure-vulnerability.html

Date:
04-Apr-2017

Product:
Kaseya VSA

Versions affected:
9.02.00.04

Vulnerability:

Installations of Kaseya contain the following installation page:
https://[target]/install/kaseya.html

When the product is installed, it cannot be installed again. However,
if you go to that page when it is installed, it reveals sensitive
information to the internet at large,…

Full Disclosure

iPlatinum iOneView Multiple Parameter Reflected XSS

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/iplatinum-ioneview-multiple-parameter-reflected-xss.html

Date:
04-Apr-2017

Product:
iPlatinum iOneView

Versions affected:
Unknown.

Vulnerabilities:

1) Cross-site scripting:

http://[target]/ioneview/admin/main.pl?cmd=<script>alert(document.cookie)</script>
http://[target]/ioneview/admin/main.pl?_username=&quot;><script>alert(document.cookie)</script>…

Full Disclosure

Moodle URL Manipulation Remote Account Information Disclosure

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/moodle-url-manipulation-remote-account-information-disclosure.html

Date:
04-Apr-2017

Product:
Moodle

Versions affected:
2.4.10, 2.5.6, 2.6.3, 2.7 and earlier.

Vulnerability:
Information disclosure.

Example:
/user/edit.php?id= reveals account owner name

1. Log in to http://demo.moodle.net/ as user student:sandbox.
2. Click view profile when logged in (student is id=4).
3. Change id parameter from 4 to 3, which…