List: bugtraq
Subject: Sistem Biwes Multiple Vulnerability
From: admin () eidelweiss ! info
Date: 2012-08-29 15:28:14
Message-ID: 201208291528.q7TFSEmf029042 () sf01web3 ! securityfocus ! com
===================================================================
Sistem Biwes Multiple Vulnerability
===================================================================
Author: eidelweiss (@randyarios)
Product / software: SISTEM BIWES
Vendor Site: http://sistembiwes.com/
Product Price: RM240 / year
Product Description:
Sistem Bina Website Sendiri (Biwes)
Sistem Bina Website Sendiri, better known as Sistem Biwes, is a build-your-own-website system based on the DIY (Do It Yourself) concept. It gives people who want to run their own website, but have no knowledge of websites, the opportunity to do so.
To use it, you enter the website content and the system automatically creates a menu for each new page. For e-commerce websites, the system is combined with a shopping cart system and a payment system.
The system is suitable for digital or physical products, whether the number of products is small or large.
===================================================================
Vulnerability:
Due to improper input sanitization, parameters are prone to SQL injection, directory listing
and full path disclosure vulnerabilities.
p0c 1: SQL Injection
Page: index.php
Vulnerable param: 'produkId'
http://host/index.php?c=[valid num]&a=cartM2&produkId=[inject here]
p0c 3: Full Path Disclosure (FPD)
path: multiple
page: multiple
Demo:
http://host/webs/admin/index.php
Warning: require_once(form_login.php) [function.require-once]: failed to open stream: No such file or directory in /home/[TARGET]/public_html/webs/admin/index.php on line 21
Fatal error: require_once() [function.require]: Failed opening required 'form_login.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/[TARGET]/public_html/webs/admin/index.php on line 21
Many other paths are also vulnerable.
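For comparison, the following is an added example (not Sistem Biwes code) of how the cartM2 handler's produkId parameter should be treated so that both findings above are closed: the value is validated as an integer and bound in a prepared statement rather than concatenated into SQL, and PHP errors are logged server-side instead of being displayed, which is what leaked the absolute path in the warnings quoted above. The table and column names, database DSN and credentials are assumed placeholders.

```php
<?php
// Added example, not vendor code. Table/column names and the DSN are assumed.

// Never display PHP errors to the client; the path disclosure above came from
// display_errors being on. Log them server-side instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Validate produkId as a positive integer before it reaches any SQL.
// filter_var returns false for non-numeric strings, floats and arrays.
function parseProdukId(array $query): ?int
{
    $id = filter_var(
        $query['produkId'] ?? '',
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    return $id === false ? null : $id;
}

// Look up the product with a bound parameter, so the request value is data,
// never part of the SQL text. Native prepares are forced to avoid the driver
// emulating the binding by string interpolation.
function fetchProduk(PDO $db, int $produkId): ?array
{
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $stmt = $db->prepare('SELECT id, nama, harga FROM produk WHERE id = :id');
    $stmt->bindValue(':id', $produkId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$produkId = parseProdukId($_GET);
if ($produkId === null) {
    http_response_code(400);
    exit('Invalid product id.');
}

try {
    // Placeholder DSN and credentials.
    $db = new PDO('mysql:host=localhost;dbname=biwes', 'dbuser', 'dbpass', [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    ]);
    $produk = fetchProduk($db, $produkId);
} catch (PDOException $e) {
    // Generic message to the client; the detail (including any file paths)
    // goes to the server log only.
    error_log('cartM2 lookup failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Internal error.');
}
```

The same display_errors/log_errors settings belong in php.ini or the vhost config so that every script, including the admin index.php quoted above, stops echoing filesystem paths.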
===================================================================
==========================| -=[ E0F ]=- |==========================